146fad7cec98b3731df1c3e27c649206_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

146fad7cec98b3731df1c3e27c649206_JaffaCakes118
Size

292KB
MD5

146fad7cec98b3731df1c3e27c649206
SHA1

99a180414a9e20f7e921f3536abc7bddc5510e1f
SHA256

9772adf304c44c0c0e43faef7a58614359ad3d7155b2d5d5bc18678b271fcd49
SHA512

61a9d03a5e68a71fd9d63fbd2c22f6ca1d776a259601e6cc1e76eb2cbcd80cee3a1ec82d669209ac6e3553f305994e20a6aa61622aac8a7f10cd6d3a3857ba28
SSDEEP

6144:oXkPC5XvxwKdcA82ErcFvjipqbIjoimSLTPUox0:oXkuX5d78BrcFvjipaIjoALLUI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
146fad7cec98b3731df1c3e27c649206_JaffaCakes118

Files

146fad7cec98b3731df1c3e27c649206_JaffaCakes118
.exe windows:4 windows x86 arch:x86

41e5e8671b1bbeb619dae63f345a3020

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
GetFileAttributesA
WritePrivateProfileSectionA
ReadConsoleOutputCharacterA
ReadConsoleA
LocalReAlloc
EnumResourceNamesA
QueueUserAPC
GetStartupInfoA
SetLocalTime
GetCommModemStatus
GetDefaultCommConfigA
SetLastError
lstrcmpA
GetSystemDirectoryA
FlushFileBuffers
GetDllDirectoryA
GetCommState
ReplaceFileA
EscapeCommFunction
GetThreadContext
GetTickCount
ReadConsoleOutputAttribute
WriteProcessMemory
GetLogicalDriveStringsA
GlobalUnlock
MoveFileA
_hwrite
SetLastConsoleEventActive
CreateNamedPipeA
GetCurrentThreadId
GetEnvironmentStringsA
VirtualFreeEx
GetProcessPriorityBoost
BuildCommDCBAndTimeoutsA
UpdateResourceA
VirtualAlloc
GetSystemTimes
WriteConsoleOutputCharacterA
SetFileAttributesA
UnlockFileEx
ReadConsoleInputA
EnumResourceLanguagesA
UnmapViewOfFile
GetFileAttributesExA
GetPrivateProfileStringA
ExitThread
SetFilePointer
WriteFileEx
WriteConsoleA
GetNumberFormatA
GetConsoleCommandHistoryLengthA
Heap32First
GetFileType
SystemTimeToTzSpecificLocalTime
SetSystemTime
OpenJobObjectA
LCMapStringA
IsBadCodePtr
AddConsoleAliasA
WriteConsoleInputA
GetCommandLineA
ReadConsoleOutputCharacterA
RaiseException
GetCommTimeouts
GetCompressedFileSizeA
ReadFile
OpenWaitableTimerA
GetEnvironmentVariableA
GetThreadContext
SetCurrentDirectoryA
OpenMutexA
IsValidLocale
SetLocaleInfoA
GetConsoleCommandHistoryLengthA
EnumSystemCodePagesA
GetConsoleMode
OpenJobObjectA
HeapSetInformation
SetVolumeMountPointA
OpenWaitableTimerA
GetVolumePathNameA
Heap32ListFirst
FlushConsoleInputBuffer
GetLastError
GetFileAttributesExA
GetThreadSelectorEntry
GetFileType
ReadConsoleA
GetThreadTimes
TransmitCommChar
SetInformationJobObject
SetVolumeLabelA
lstrcat
HeapValidate
QueryDosDeviceA
HeapDestroy
SetSystemPowerState
SetCurrentDirectoryA
CreateSocketHandle
IsBadStringPtrA
SetDllDirectoryA
OpenJobObjectA
PrepareTape
ReleaseSemaphore
GetProcessIoCounters
GetFileSizeEx
GetCPInfoExA
SetFirmwareEnvironmentVariableA
IsBadReadPtr
ClearCommBreak
GetConsoleTitleA
GetFileSizeEx
GetDateFormatA
SetCommMask
ConnectNamedPipe
lstrlen
MoveFileWithProgressA
GetCurrentConsoleFont
IsSystemResumeAutomatic
ReleaseMutex
SetConsoleTextAttribute
FlushConsoleInputBuffer
CreateNamedPipeA
ReadFileScatter
QueryPerformanceCounter
lstrcpyn
OpenEventA
SetProcessWorkingSetSize
GetConsoleTitleA

user32

GetCursor
GetMenuStringA
IsCharLowerA
GetMenuItemRect
CopyIcon
CreateMDIWindowA
CallWindowProcA
GetCursorPos
DrawStateA
SetWindowLongA
IsWinEventHookInstalled
AlignRects
SetRectEmpty
ClientToScreen
ReleaseCapture
CascadeChildWindows
BeginPaint
IntersectRect
UnlockWindowStation
CharToOemBuffA
RealChildWindowFromPoint
MapVirtualKeyExA
GetTabbedTextExtentA
IsServerSideWindow
CreateIconIndirect
SetSystemMenu
SetWindowWord
GetScrollRange
SendMessageA
ChangeMenuA
RemovePropA
SetProgmanWindow
MoveWindow
GetInternalWindowPos
BlockInput
LoadIconA
CharToOemBuffW
OpenWindowStationA
GetWindow
MenuItemFromPoint
BuildReasonArray
KillTimer
SetCapture
GetKeyboardLayoutNameA
CallWindowProcA
CreateAcceleratorTableA
GetMessageTime
UnregisterMessagePumpHook
LoadStringA
EnumWindowStationsA
BroadcastSystemMessageExA
IsGUIThread
UnregisterDeviceNotification
GetPropA
GetDlgItemTextA
GetActiveWindow
GetClassLongA
SetSystemMenu
ReuseDDElParam
SetProcessWindowStation
LoadImageA
DestroyCaret
GetClassNameA
DrawCaption

advapi32

CredIsMarshaledCredentialA

dpnet

DirectPlay8Create

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41e5e8671b1bbeb619dae63f345a3020

Headers

File Characteristics

Imports

kernel32

user32

advapi32

dpnet

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 166KB - Virtual size: 166KB

.rdata Size: 101KB - Virtual size: 100KB

.rsrc Size: 18KB - Virtual size: 17KB

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 166KB - Virtual size: 166KB

.rdata
Size: 101KB - Virtual size: 100KB

.rsrc
Size: 18KB - Virtual size: 17KB