0b21498ce73a6a71439f0d57242a607f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0b21498ce73a6a71439f0d57242a607f_JaffaCakes118
Size

2.2MB
MD5

0b21498ce73a6a71439f0d57242a607f
SHA1

16add02434d05534d44d210cea166f96ab9b9325
SHA256

87001199d7c952fe92b7646e918d0e250247e783d74ca1c753649a95782f2929
SHA512

32b32895fd71552f47a6809f072ffa4f1e19af0330456536cadd3bf1c333b134fb9e07e09e638fb7e887ad3051a353ca552ddca751326e38bfe85fb1b347fc1b
SSDEEP

24576:5HJFHtvzhiI3rRGIQ2EkTHAUh4BVyMaaUere11im:5HJFHZF/LQcBuBsMtUWeim

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b21498ce73a6a71439f0d57242a607f_JaffaCakes118

Files

0b21498ce73a6a71439f0d57242a607f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f00ef40ab6b49e860f1a0716cf94959e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DdeFreeDataHandle
SetParent
InflateRect
EnableScrollBar
GetScrollPos
ReleaseDC
SetMenuDefaultItem
RemoveMenu
InsertMenuW
CharLowerW
SendDlgItemMessageW
CheckRadioButton
CheckDlgButton
SetDlgItemTextW
SetDlgItemInt
IsZoomed
ShowOwnedPopups
RegisterClassExW
DrawEdge

kernel32

GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
OutputDebugStringW
RtlUnwind
LoadLibraryExW
VirtualAlloc
HeapAlloc
ExitProcess
GetEnvironmentStringsW
GetLastError
GetConsoleMode
ReleaseSemaphore
WaitForMultipleObjects
FindClose
WaitCommEvent
FileTimeToLocalFileTime
TransactNamedPipe
ReadFileScatter
CreateEventW
GetModuleFileNameW
GetModuleHandleW
CreateProcessW
ExpandEnvironmentStringsW
DeleteFileW
GetACP
IsValidLocale
GetStringTypeW
EnumSystemCodePagesW
SetStdHandle
SetFilePointerEx
WriteConsoleW
CloseHandle
InitializeCriticalSection
GetModuleHandleExW
GetCommandLineW
RaiseException
EncodePointer
SetLastError
GetCurrentThreadId
DecodePointer
CreateFileW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
IsProcessorFeaturePresent
IsDebuggerPresent
IsValidCodePage
GetOEMCP
GetCPInfo
EnterCriticalSection
LeaveCriticalSection
HeapFree

advapi32

RegQueryInfoKeyW
RegOpenKeyExW
RegDeleteValueW
RegCreateKeyExW
RegQueryValueExW

Sections

.text
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 808KB - Virtual size: 8.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ornii
Size: 506KB - Virtual size: 505KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.aa26
Size: 279KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ge2s
Size: 210KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 376KB - Virtual size: 375KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f00ef40ab6b49e860f1a0716cf94959e

Headers

File Characteristics

Imports

user32

kernel32

advapi32

Sections

.text Size: 81KB - Virtual size: 80KB

.data Size: 808KB - Virtual size: 8.0MB

.idata Size: 3KB - Virtual size: 2KB

.xdata Size: 1024B - Virtual size: 724B

.ornii Size: 506KB - Virtual size: 505KB

.aa26 Size: 279KB - Virtual size: 278KB

.ge2s Size: 210KB - Virtual size: 209KB

.rsrc Size: 376KB - Virtual size: 375KB

.text
Size: 81KB - Virtual size: 80KB

.data
Size: 808KB - Virtual size: 8.0MB

.idata
Size: 3KB - Virtual size: 2KB

.xdata
Size: 1024B - Virtual size: 724B

.ornii
Size: 506KB - Virtual size: 505KB

.aa26
Size: 279KB - Virtual size: 278KB

.ge2s
Size: 210KB - Virtual size: 209KB

.rsrc
Size: 376KB - Virtual size: 375KB