0aa847d82234d92d49426eb8089b127a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0aa847d82234d92d49426eb8089b127a_JaffaCakes118
Size

929KB
MD5

0aa847d82234d92d49426eb8089b127a
SHA1

ae810fd133e42476554a445dd770ea1dacb92045
SHA256

8a3a30b48d82f2e8f71156f628bbc971073dea4a51b37d36ebc85dcd8745b89f
SHA512

49edaca7b855348d4f729d689994be41a30c6923834fb4b12d77fb6b00a1fab4a967f059e0163e02acf8fb76db317824be1e36aa7ef133f0df7490f4518b0c0b
SSDEEP

24576:o/eyV3RhNHA6se3xjCq1SUx1f4hP00vmJRdlqU:oDV3i6XjCqV4hP00+RdU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0aa847d82234d92d49426eb8089b127a_JaffaCakes118

Files

0aa847d82234d92d49426eb8089b127a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e4ee98039e3c2859cccbc68cee626647

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexW
HeapCompact
SetFilePointer
TryEnterCriticalSection
MapViewOfFile
UnmapViewOfFile
SetEndOfFile
FreeLibrary
HeapAlloc
SystemTimeToFileTime
QueryPerformanceCounter
HeapFree
WaitForSingleObject
InterlockedCompareExchange
UnlockFile
FlushViewOfFile
LockFile
WaitForSingleObjectEx
OutputDebugStringW
GetTickCount
UnlockFileEx
GetProcessHeap
GetSystemTimeAsFileTime
FormatMessageA
InitializeCriticalSection
WideCharToMultiByte
LoadLibraryW
Sleep
FormatMessageW
GetVersionExW
HeapDestroy
LeaveCriticalSection
GetFileAttributesA
HeapCreate
HeapValidate
GetFileAttributesW
MultiByteToWideChar
FlushFileBuffers
GetLastError
GetProcAddress
HeapSize
LockFileEx
EnterCriticalSection
GetDiskFreeSpaceW
LoadLibraryA
CreateFileMappingA
CreateFileMappingW
GetDiskFreeSpaceA
GetSystemInfo
GetFileAttributesExW
DeleteCriticalSection
GetCurrentThreadId
OutputDebugStringA
GetVersionExA
GetFileSize
GetCurrentProcessId
GetSystemTime
AreFileApisANSI
DeleteFileA
GetDateFormatW
GetTimeFormatW
Beep
CompareStringW
LCMapStringW
RtlUnwind
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
RaiseException
GetFileType
SetEnvironmentVariableA
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetTimeZoneInformation
IsProcessorFeaturePresent
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetModuleFileNameW
GetStdHandle
ExitProcess
GetModuleHandleW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
HeapSetInformation
GetCommandLineA
CreateFileA
HeapReAlloc
GetFullPathNameA
GetTempPathA
GetFullPathNameW
GetCurrentDirectoryW
OpenProcess
DeleteFileW
CloseHandle
GetTempPathW
CreateFileW
ReadFile
WriteFile
lstrcpyW
lstrcatW
lstrcmpiW
CreateThread
ExitThread
GetLocalTime
LocalFree
lstrlenW
EncodePointer
DecodePointer

user32

TrackPopupMenu
CreateMenu
AppendMenuW
EnableMenuItem
GetCursorPos
SetMenu
CreatePopupMenu
EndPaint
DestroyWindow
SetCursor
SetTimer
GetWindowRect
GetMessageW
PostQuitMessage
KillTimer
GetSubMenu
DialogBoxParamW
LoadCursorW
FindWindowW
BeginPaint
TranslateMessage
ShowCursor
LoadIconW
GetScrollInfo
ScrollWindow
EndDialog
GetDesktopWindow
ShowWindow
DrawMenuBar
CreateWindowExW
RegisterClassW
GetSystemMetrics
UpdateWindow
EnableWindow
SetScrollInfo
DefWindowProcW
CheckMenuItem
MoveWindow
DispatchMessageW
SendDlgItemMessageW
MessageBoxW
SendMessageW
GetDlgItem

gdi32

SetDIBitsToDevice
LineTo
GetStockObject
MoveToEx

advapi32

RegCreateKeyExW
RegDeleteValueW
RegEnumKeyExW
RegDeleteKeyW
RegOpenKeyW
RegQueryInfoKeyW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegEnumValueW

shell32

Shell_NotifyIconW

comctl32

ord17
CreateStatusWindowW

psapi

GetModuleFileNameExW

Sections

.text
Size: 604KB - Virtual size: 603KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 207KB - Virtual size: 222KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e4ee98039e3c2859cccbc68cee626647

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

psapi

Sections

.text Size: 604KB - Virtual size: 603KB

.rdata Size: 58KB - Virtual size: 57KB

.data Size: 207KB - Virtual size: 222KB

.rsrc Size: 36KB - Virtual size: 36KB

.reloc Size: 22KB - Virtual size: 22KB

.text
Size: 604KB - Virtual size: 603KB

.rdata
Size: 58KB - Virtual size: 57KB

.data
Size: 207KB - Virtual size: 222KB

.rsrc
Size: 36KB - Virtual size: 36KB

.reloc
Size: 22KB - Virtual size: 22KB