Static task: static1
Behavioral task: behavioral1
Sample: 06f81e83ea69cef87ccb9936a7189dd5_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 06f81e83ea69cef87ccb9936a7189dd5_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 06f81e83ea69cef87ccb9936a7189dd5_JaffaCakes118
Size: 366KB
MD5: 06f81e83ea69cef87ccb9936a7189dd5
SHA1: db3f8b6af9634bf45cde2a00ddf7de0431615d9d
SHA256: 70f355cc8dd86f777ac36f9d969735829c0b5016baecf819435012623f4c4f72
SHA512: 776e6d8c3893e55ecf52553204bfcf07c6a520c3bfe45c3622bcdc6a9ab07870c3edd86fc76fbf203797a1fa3916d133fb938634f80f8ecf95d20f36e7dc7ce6
SSDEEP: 6144:fKwcBfcnXxyGBUMMTX8djLjdWoZ2iQDlAarHrwEj82uR0w2YAcgZ8It9:u5cnXxnBJEojfZ2iQJHrwh2HJZ8IL
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 06f81e83ea69cef87ccb9936a7189dd5_JaffaCakes118
Files
06f81e83ea69cef87ccb9936a7189dd5_JaffaCakes118.exe windows:4 windows x86 arch:x86
758c53a642186334212cb7c12d37a437
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
CreateWindowExA
EnumWindows
GetParent
SetWindowTextA
GetDialogBaseUnits
GetClientRect
IsWindow
OpenIcon
ChildWindowFromPointEx
GetSysColor
GetWindowTextA
EnumThreadWindows
SetParent
gdi32
Arc
EndPage
CloseMetaFile
CreateEllipticRgn
AbortDoc
FillRgn
CreateSolidBrush
EnumObjects
AddFontResourceA
kernel32
GetOEMCP
HeapAlloc
LeaveCriticalSection
VirtualAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetACP
GetStringTypeW
GetCPInfo
GetLocaleInfoA
CreateMutexA
GlobalSize
GetDateFormatA
ReleaseSemaphore
GetNumberFormatA
GetOverlappedResult
GetProcAddress
CopyFileA
VirtualAllocEx
EnterCriticalSection
InitializeCriticalSection
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetLastError
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
secur32
DecryptMessage
ExportSecurityContext
VerifySignature
AcceptSecurityContext
FreeCredentialsHandle
DeleteSecurityContext
CompleteAuthToken
netapi32
NetUserGetInfo
NetGroupAddUser
NetConnectionEnum
NetFileGetInfo
NetAuditClear
NetFileClose
NetErrorLogClear
Sections
.text Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.uyhmu Size: 333KB - Virtual size: 332KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ