JaffaCakes118_6c8276aa406aad1f2f02706d98ab2b5a

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_6c8276aa406aad1f2f02706d98ab2b5a
Size

433KB
MD5

6c8276aa406aad1f2f02706d98ab2b5a
SHA1

c62d46e3f99499d74ff07d5b41977d78fae9ad2d
SHA256

40ab6fa51eff15e766399d0d6a48960708e3c382cb5e65184838a22b213c209c
SHA512

48d9d95206f528ea405e67a2e68be7f5f291b2bd68fb5f17d0c295d270ed1a67fbf9ef484d1127f96636add47796ca78d6c89a89cc4623805f5886b7014660ec
SSDEEP

6144:GtU8o1I8vYJxuufZGTgBVZZlF1T3D16P1hWFlF320ONCC7h486I:GtUp1tvYJpfjvlF1TEP+lFvKh4W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6c8276aa406aad1f2f02706d98ab2b5a

Files

JaffaCakes118_6c8276aa406aad1f2f02706d98ab2b5a
.exe windows:5 windows x86 arch:x86

06d5d6514128dfcd5458b43e25930f8f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

PDB Paths

C:\basic\pricing\alone\thousands\i.pdb

Imports

kernel32

WaitForSingleObject
CreateFileMappingA
CreateSemaphoreA
LocalFree
LocalAlloc
GetProcessHeap
HeapCreate
GetLastError
CloseHandle
Process32Next
CreateToolhelp32Snapshot
GlobalMemoryStatusEx
WriteConsoleW
SetStdHandle
FlushFileBuffers
HeapReAlloc
GetStringTypeW
MultiByteToWideChar
LCMapStringW
HeapSize
LoadLibraryW
MapViewOfFile
GetConsoleMode
GetConsoleCP
SetFilePointer
RtlUnwind
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RaiseException
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
ReleaseSemaphore
Sleep
HeapAlloc
lstrlenA
GetProcAddress
GetCurrentProcess
SetPriorityClass
GetPriorityClass
lstrcpyA
SetThreadPriority
GetCurrentThread
GetModuleHandleA
GetThreadPriority
LoadLibraryA
CreateFileW
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleW
TerminateProcess
EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
DecodePointer
HeapFree
GetCommandLineA
HeapSetInformation
GetStartupInfoW
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection

user32

TrackPopupMenu
SendDlgItemMessageW
GetClassLongA
SetClassLongA
GetSystemMenu
EnableMenuItem
GetWindowLongA
SetWindowLongA
SendMessageA
GetClientRect
InvalidateRect
LoadIconA
LoadCursorA
RegisterClassExA
GetClipboardFormatNameA
GetSysColor
wsprintfA
OpenClipboard
EnumClipboardFormats
BroadcastSystemMessageA
GetClipboardData
CloseClipboard
SetRect
UnionRect
CreateWindowExA
GetDC
DeleteMenu
DispatchMessageA
DestroyWindow
GetMenu
GetSubMenu
CheckMenuItem
SetWindowPos
GetMenuState
PostQuitMessage
LoadMenuA
MessageBeep
MessageBoxA
DefWindowProcA
EnumWindows
ClientToScreen

gdi32

DeleteObject
SelectPalette
CreatePen
SelectObject
Polyline
CreateSolidBrush
TextOutA
Rectangle
GetStockObject
CreateFontIndirectA

comdlg32

FindTextW

advapi32

CredEnumerateA

odbc32

ord12
ord24
ord19
ord72
ord107
ord75

psapi

GetProcessMemoryInfo

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

rpcrt4

UuidCreate
UuidToStringA
RpcStringFreeA

rasapi32

RasDialA

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 251KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

06d5d6514128dfcd5458b43e25930f8f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

advapi32

odbc32

psapi

version

rpcrt4

rasapi32

Sections

.text Size: 50KB - Virtual size: 50KB

.rdata Size: 251KB - Virtual size: 251KB

.data Size: 4KB - Virtual size: 11KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 117KB - Virtual size: 116KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 50KB - Virtual size: 50KB

.rdata
Size: 251KB - Virtual size: 251KB

.data
Size: 4KB - Virtual size: 11KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 117KB - Virtual size: 116KB

.reloc
Size: 8KB - Virtual size: 8KB