JaffaCakes118_6a56b49ace059ecb9112b20e9b4f25d0

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_6a56b49ace059ecb9112b20e9b4f25d0
Size

260KB
MD5

6a56b49ace059ecb9112b20e9b4f25d0
SHA1

4ad812f043714febdf8e0d5e872a4892254207cb
SHA256

7aadccbeeda8ee15c1ca2613b6647f5812654be9fd5544e59764845bc841bcf3
SHA512

3a721cfe36d228172faa0e675c6766e60bbb0e2c686d3d561450442c8c4f2938ae375120fd65a88f4a5326b5edbeeca41f9dcc41f7984dc58323911fe68576a8
SSDEEP

6144:htX21Y7+PO6hIKxeYBy4GPIRMKFpIq7EbjkUvudrhTl:LhIhIKxeRHPI7FpwbjkMWhTl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6a56b49ace059ecb9112b20e9b4f25d0

Files

JaffaCakes118_6a56b49ace059ecb9112b20e9b4f25d0
.exe windows:4 windows x86 arch:x86

1dd3af5a7c39a505d5c1756e3f30a4aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadLocale
HeapDestroy
HeapReAlloc
HeapSize
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
DeleteFileW
GlobalFree
FatalAppExitW
WideCharToMultiByte
CreateThread
lstrcpyW
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcpynW
lstrcmpiW
GetCurrentThreadId
SetLastError
FlushInstructionCache
OpenEventW
WaitForSingleObject
CloseHandle
FreeLibrary
LoadLibraryExW
LocalFree
FormatMessageW
lstrlenW
HeapAlloc
GetProcessHeap
RaiseException
HeapFree
GetUserDefaultLangID
FindFirstFileW
FindClose
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetACP
LocalAlloc
GetVersion
GetProcAddress

user32

MessageBoxW
IsWindow
MapWindowPoints
GetDlgItem
GetTopWindow
SetDlgItemTextW
ShowWindow
ScreenToClient
SetWindowPlacement
GetWindowPlacement
GetClientRect
GetWindowRect
GetWindow
SetClipboardData
OffsetRect
ReleaseCapture
GetCapture
SetCapture
CopyRect
IsRectEmpty
InflateRect
DrawTextW
EndDialog
DestroyWindow
MapDialogRect
UnregisterClassA
GetSystemMetrics
GetParent
CloseClipboard
CallNextHookEx
GetFocus
DefWindowProcW
SetWindowsHookExW
GetDC
ReleaseDC
GetClassNameW
RedrawWindow
PtInRect
SetRectEmpty
SetCursor
GetCursorPos
BeginPaint
EndPaint
PostMessageW
InvalidateRect
SetTimer
KillTimer
GetDlgCtrlID
DrawFocusRect
CallWindowProcW
GetWindowDC
IsCharAlphaNumericW
DrawIconEx
GetTabbedTextExtentW
SetForegroundWindow
DrawStateW
TabbedTextOutW
SetFocus
CreateWindowExW
IsWindowEnabled
GetKeyState
OpenClipboard
EmptyClipboard
GetActiveWindow
GetNextDlgTabItem
UnhookWindowsHookEx
SetWindowPos
MoveWindow
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
SendMessageW
GetWindowLongW
SystemParametersInfoW
DestroyIcon
LoadImageW
DialogBoxParamW
SetWindowLongW
GetSysColor
LoadCursorW

gdi32

Polygon
ExtCreatePen
SetROP2
GetBkColor
SetViewportOrgEx
SetTextAlign
TextOutW
GetTextExtentExPointW
CreateCompatibleDC
SetTextColor
CombineRgn
CreateRectRgn
RoundRect
GetClipRgn
SelectClipRgn
BitBlt
PtInRegion
CreateRectRgnIndirect
CreateCompatibleBitmap
DeleteDC
SetBkColor
ExtTextOutW
GetTextExtentPoint32W
SetBkMode
GetTextMetricsW
SelectObject
GetStockObject
GetObjectType
GetObjectW
CreateSolidBrush
CreateFontIndirectW
CreatePen
DeleteObject

advapi32

RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW

shell32

ShellExecuteExW
SHGetSpecialFolderPathW

ole32

CoCreateInstance
CreateStreamOnHGlobal

oleaut32

SysStringLen
VarBstrCmp
VariantClear
DispCallFunc
GetErrorInfo
SysFreeString
SysAllocStringLen
SafeArrayUnlock
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayLock
SysAllocString
SafeArrayCreate
SafeArrayDestroy
VariantInit
SysAllocStringByteLen
SysStringByteLen

shlwapi

StrChrW
ColorAdjustLuma

comctl32

ImageList_GetImageCount
ImageList_Create
ImageList_ReplaceIcon
ImageList_Draw
_TrackMouseEvent
ImageList_GetIcon
InitCommonControlsEx
ImageList_Destroy

msimg32

GradientFill

msoert2

PszAllocA

iaspolcy

DllUnregisterServer

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.YqVRuz
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sa
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UFR
Size: 512B - Virtual size: 307B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aUI
Size: 1024B - Virtual size: 819B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 212KB - Virtual size: 306KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Q
Size: 1024B - Virtual size: 791B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1dd3af5a7c39a505d5c1756e3f30a4aa

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

msoert2

iaspolcy

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 5KB - Virtual size: 5KB

.YqVRuz Size: 2KB - Virtual size: 1KB

.sa Size: 2KB - Virtual size: 2KB

.UFR Size: 512B - Virtual size: 307B

.aUI Size: 1024B - Virtual size: 819B

.data Size: 212KB - Virtual size: 306KB

.Q Size: 1024B - Virtual size: 791B

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 5KB - Virtual size: 5KB

.YqVRuz
Size: 2KB - Virtual size: 1KB

.sa
Size: 2KB - Virtual size: 2KB

.UFR
Size: 512B - Virtual size: 307B

.aUI
Size: 1024B - Virtual size: 819B

.data
Size: 212KB - Virtual size: 306KB

.Q
Size: 1024B - Virtual size: 791B

.rsrc
Size: 10KB - Virtual size: 10KB