0a3260abfc6db23748bf3a259caf5639_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0a3260abfc6db23748bf3a259caf5639_JaffaCakes118
Size

944KB
MD5

0a3260abfc6db23748bf3a259caf5639
SHA1

624e1147774b0fb4086d4ebf6cd03319bd01c830
SHA256

4bf6a8a95d9590bbfcb74e1d4bd79ab965f7d4c0a9bc427d82189dab6428ee69
SHA512

5b6967168f2c83f6cab676647c2600a8699cf03a31bf256f4a93128abc38182dc751c7868272b34a17bc6e2aea72e6beb3b275e779157d0826f6fff9a6a2ee2f
SSDEEP

24576:7R0g83Qc5vGkwpp7TUuSvLX6BJtvR6zut:l783Q6vS+stpgut

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a3260abfc6db23748bf3a259caf5639_JaffaCakes118

Files

0a3260abfc6db23748bf3a259caf5639_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c02f9fbb1d0248c6620f9d7ce365b77

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadTimes
RtlFillMemory
SetStdHandle
EndUpdateResourceA
SetFileApisToOEM
GetCPInfoExA
SetCurrentDirectoryW
DeleteVolumeMountPointA
SetFileAttributesW
ExpandEnvironmentStringsW
GetThreadSelectorEntry
GetDefaultCommConfigA
GetVersion
EnumDateFormatsA
GetPrivateProfileSectionA
WritePrivateProfileStringA
GetDiskFreeSpaceA
EnumResourceTypesW
GetCurrentProcessId
GetNamedPipeHandleStateA
RemoveDirectoryA
SetUnhandledExceptionFilter
CreateWaitableTimerA
GetDateFormatA
IsBadHugeWritePtr
WriteFile
FreeEnvironmentStringsA
GetVolumeNameForVolumeMountPointA
CreateFileW
_hwrite
UnmapViewOfFile
GetSystemWindowsDirectoryA
SetMailslotInfo
GlobalFindAtomA
GetShortPathNameA
EnumResourceLanguagesA
EnumTimeFormatsW
FindAtomA
ExitProcess
GlobalUnWire
MultiByteToWideChar
EscapeCommFunction
FindResourceExA
CreateJobObjectW
Process32NextW
CreateNamedPipeA
VerifyVersionInfoW
GetTimeFormatA
GetModuleHandleW
GetLocalTime

user32

SetKeyboardState
SetCursorPos
GetParent
wvsprintfW
DlgDirListW
UnregisterHotKey
MessageBeep
DrawTextW
PostMessageW
MapWindowPoints
VkKeyScanExA
GetDlgItem
RegisterWindowMessageW
ReleaseCapture
GetClassInfoExW
IsCharAlphaNumericA
FreeDDElParam
LoadAcceleratorsW
SetMessageQueue
WinHelpA
RegisterClipboardFormatW
SetMessageExtraInfo
SetDlgItemTextW
GetLastInputInfo
SwitchDesktop
GetGuiResources
SetWindowsHookA
GetDlgItemTextW
OpenIcon
EnumThreadWindows
DrawTextExW
SetForegroundWindow
PackDDElParam
OpenWindowStationA
OpenWindowStationW
EnumPropsExW
DefWindowProcA
SetClassLongW
TranslateMessage
FindWindowW
MapVirtualKeyW
ActivateKeyboardLayout
LoadCursorA
GetClassInfoExA
VkKeyScanW
UnionRect
WinHelpW
EnumDesktopsA
BeginPaint
WindowFromPoint
CreateMenu
DdeQueryStringW
FlashWindow
RegisterShellHookWindow
SetWindowContextHelpId
RegisterDeviceNotificationA
GetKeyNameTextW
SetMenuInfo
LockWindowUpdate
EnableMenuItem
SetMenuDefaultItem
EnableScrollBar
GetSysColorBrush
WINNLSEnableIME
CloseDesktop
GetWindowRgn
SystemParametersInfoW
MessageBoxIndirectA
ToUnicode
LoadKeyboardLayoutA
MapVirtualKeyExW
WaitMessage
DlgDirListA
DestroyIcon
IMPQueryIMEW
FindWindowA
GetWindowTextLengthA
SendDlgItemMessageA
UpdateLayeredWindow
DrawIconEx
GetMenuContextHelpId
ToAsciiEx
CharToOemW
DlgDirListComboBoxA
DdeAddData
CharUpperBuffW
GetSystemMetrics
DdeDisconnectList
CreateCaret
SendMessageW
GetKeyboardLayoutNameA
GetWindowLongW
GetPropW
DrawTextA
GetDlgCtrlID
CloseWindow
ExcludeUpdateRgn
TranslateAcceleratorW
ScrollDC
SetClipboardData
SetCaretPos
GetActiveWindow
GetSystemMenu
HideCaret
CheckMenuItem
GetKeyboardLayoutNameW
ScreenToClient
DestroyCursor
DestroyAcceleratorTable
DrawAnimatedRects
AllowSetForegroundWindow
MenuItemFromPoint
IMPSetIMEW
EnumPropsW
ReplyMessage
GetCapture
MoveWindow
UnpackDDElParam
DefMDIChildProcA
GetMessageTime
IMPGetIMEW
GetMenuItemID
IMPQueryIMEA
MapVirtualKeyA
GetWindowRect
DdeUnaccessData
MsgWaitForMultipleObjects
SetDoubleClickTime

shlwapi

PathAppendA

Sections

.text
Size: 295KB - Virtual size: 294KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 348KB - Virtual size: 595KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 285KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c02f9fbb1d0248c6620f9d7ce365b77

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

Sections

.text Size: 295KB - Virtual size: 294KB

.data Size: 348KB - Virtual size: 595KB

.bss Size: 5KB - Virtual size: 5KB

.rdata Size: 5KB - Virtual size: 4KB

.rsrc Size: 285KB - Virtual size: 284KB

.reloc Size: 4KB - Virtual size: 8KB

.text
Size: 295KB - Virtual size: 294KB

.data
Size: 348KB - Virtual size: 595KB

.bss
Size: 5KB - Virtual size: 5KB

.rdata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 285KB - Virtual size: 284KB

.reloc
Size: 4KB - Virtual size: 8KB