JaffaCakes118_6b446b71c587aff379a8fefe1204a110

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_6b446b71c587aff379a8fefe1204a110
Size

72KB
MD5

6b446b71c587aff379a8fefe1204a110
SHA1

0757deb7a44d28176556d749a742c1677a755e7f
SHA256

ed0dfb57416a24df762a337278823cb19c1875f0e9aeeaddf6689a474ecf51f0
SHA512

ac052a0277a837c66b73d26768c35adcb4833b759f484ac3fd977796e93a7946baab48b565ca070962f654c121a78f037eb734230b5a0a3018e8239f56b06135
SSDEEP

1536:g8mNL0nNwCeVGOqPsSCk6l89CEciwCI8YGCq2iW7z:RKAnNReIHPdf6l89CEcppGCH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6b446b71c587aff379a8fefe1204a110

Files

JaffaCakes118_6b446b71c587aff379a8fefe1204a110
.exe windows:5 windows x86 arch:x86

4c65fb40b4a1aeaa8eb39b0dbc78d7e6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA

kernel32

GetWindowsDirectoryA
SetThreadPriority
GetCurrentThread
DeleteFileA
SetPriorityClass
GetCurrentProcess
CreateFileA
GetSystemDirectoryA
SetCurrentDirectoryA
GetModuleFileNameA
GetLastError
CreateMutexA
GetExitCodeThread
CancelIo
SetEvent
Sleep
ReadFile
ExitThread
CreateThread
CreateEventA
CreateProcessA
GetPrivateProfileStringA
FileTimeToSystemTime
GetProcessTimes
OpenProcess
GetStringTypeExA
GetUserDefaultLCID
GlobalFree
GlobalUnlock
GlobalHandle
lstrcmpA
GlobalLock
GlobalAlloc
MultiByteToWideChar
WaitForSingleObject
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapFree
HeapAlloc
HeapReAlloc
ExitProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetACP
GetOEMCP
GetCPInfo
GetStringTypeA
GetStringTypeW
SetFilePointer
LCMapStringA
LCMapStringW
RtlUnwind
GetLocaleInfoA
VirtualProtect
GetSystemInfo
VirtualQuery
SetStdHandle
FlushFileBuffers
ReleaseMutex
GetExitCodeProcess
CloseHandle
LoadLibraryA
GetProcAddress
FreeLibrary
GetVersionExA
lstrcpyA
GetPrivateProfileIntA
WritePrivateProfileStringA

user32

SendMessageA
SetTimer
GetForegroundWindow
KillTimer
keybd_event
EndDialog
DefWindowProcA
PostQuitMessage
RegisterClassA
LoadCursorA
DispatchMessageA
TranslateMessage
GetMessageA
EnableWindow
CreateDialogParamA
CreateWindowExA
SetWindowPos
GetClassNameA
GetWindowThreadProcessId
EnumWindows
CharPrevA
CharNextA
CreatePopupMenu
DdeFreeStringHandle
DdeGetLastError
DdePostAdvise
DdeCreateStringHandleA
DdeCmpStringHandles
DdeCreateDataHandle
DdeFreeDataHandle
DdeNameService
DdeInitializeA
CharLowerA
wsprintfA
MessageBoxA
SetWindowLongA
DestroyWindow
FindWindowA
DialogBoxParamA
PostMessageA
SystemParametersInfoA
LoadIconA
UnregisterDeviceNotification
RegisterDeviceNotificationA
AppendMenuA
SetMenuDefaultItem
EnableMenuItem
GetCursorPos
SetForegroundWindow
TrackPopupMenuEx
DdeUninitialize
DestroyMenu

hid

HidP_MaxUsageListLength
HidP_GetSpecificValueCaps
HidP_GetSpecificButtonCaps
HidD_FreePreparsedData
HidP_GetCaps
HidD_GetAttributes
HidD_GetPreparsedData
HidD_SetFeature
HidD_GetFeature
HidD_GetHidGuid

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList

shell32

Shell_NotifyIconA
ShellExecuteExA

winmm

mixerOpen
mixerClose
waveOutGetDevCapsA
mixerGetID
waveOutGetNumDevs
mixerGetDevCapsA
mixerGetLineInfoA
mixerGetLineControlsA
mixerGetControlDetailsA
mixerSetControlDetails

ole32

CoCreateInstance
CoInitialize
CoUninitialize

wtsapi32

WTSRegisterSessionNotification
WTSUnRegisterSessionNotification

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

��I�u�
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4c65fb40b4a1aeaa8eb39b0dbc78d7e6

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

hid

setupapi

shell32

winmm

ole32

wtsapi32

Sections

.text Size: 50KB - Virtual size: 49KB

.data Size: 2KB - Virtual size: 40KB

.rsrc Size: 2KB - Virtual size: 2KB

��I�u� Size: 16KB - Virtual size: 20KB

.text
Size: 50KB - Virtual size: 49KB

.data
Size: 2KB - Virtual size: 40KB

.rsrc
Size: 2KB - Virtual size: 2KB

��I�u�
Size: 16KB - Virtual size: 20KB