0bea887e38debfebc0593d6c10b15759_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0bea887e38debfebc0593d6c10b15759_JaffaCakes118
Size

624KB
MD5

0bea887e38debfebc0593d6c10b15759
SHA1

e7ded7c7fd70bb98af84b80d2ff546abf7c57b21
SHA256

83d3541a13066f8c8a3dc4616de54ca5b85c52061850ba68f642ca5897dd0921
SHA512

01e433c30a6b31654e9d16cabbe5502a4f488091931d45144d25bdc520a8a0af87320a51df787ac512510b522e7cef7327749924b34a42ce542a34661f7cb8f9
SSDEEP

12288:6CzWBs7O7zWOeq0WoMmP1SxShvF8rWoMmP1SxS:6CzWBs7ZOeq0WbmP1S84rWbmP1S8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bea887e38debfebc0593d6c10b15759_JaffaCakes118

Files

0bea887e38debfebc0593d6c10b15759_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b4b8e695d7c02d34e1dcd335abee6072

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

RasGetCountryInfoA
RasEnumDevicesA

imm32

ImmGetCompositionWindow
ImmGetProperty
ImmUnregisterWordA
ImmSetConversionStatus
ImmGetContext
ImmGetGuideLineA
ImmSetCandidateWindow
ImmGetCompositionStringA
ImmSetStatusWindowPos
ImmGetConversionListA
ImmReleaseContext
ImmGetOpenStatus
ImmGetDefaultIMEWnd

user32

DrawIcon
EnableWindow
SendMessageA
IsIconic
LoadIconA
GetSystemMetrics
GetClientRect

msvcrt

_controlfp
towlower
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_j0
_setmode
fopen
_onexit
__dllonexit
_tolower
_access
_setmbcp

advapi32

GetSecurityDescriptorSacl

gdi32

DeleteDC
ResetDCW
UnrealizeObject
EnumFontsW
GetEnhMetaFileW
GetWorldTransform
FillRgn
GetBrushOrgEx
ExtCreateRegion
PolyBezier
CloseFigure
SetWindowOrgEx
CloseEnhMetaFile
GetTextExtentPoint32W
GetMetaFileBitsEx
GetObjectA
RectVisible
EndPath
PolyBezierTo
GetPixel
ExtTextOutA
GetTextExtentPointA
SetPixelFormat
GetPolyFillMode
BitBlt
GetDeviceGammaRamp
SetColorSpace
CreateRoundRectRgn
DeleteColorSpace
Polyline
Ellipse
SetMapMode
GetMapMode
EnumFontFamiliesExW
GetTextMetricsA
SetMetaFileBitsEx
CreateHatchBrush
CreateDIBPatternBrushPt
GetBkMode
SetWorldTransform
GetNearestPaletteIndex
SetBkMode
GetClipRgn
GetClipBox
GetGlyphOutlineA
CreateFontIndirectW
GetDCOrgEx
CreateICW
GetTextAlign
SetColorAdjustment
SetBitmapBits
GetCharWidthA
SetArcDirection
PlayEnhMetaFileRecord
OffsetWindowOrgEx
Polygon
StartDocA
GetKerningPairsA
EnumEnhMetaFile
PolyPolyline
CombineRgn
ExtSelectClipRgn
Escape
SetTextCharacterExtra
GetWindowOrgEx
GetSystemPaletteEntries
ResizePalette
MoveToEx
SetViewportExtEx
SetViewportOrgEx
CancelDC
Pie
SetPixel
SetROP2
DeleteEnhMetaFile
SaveDC
StretchBlt
OffsetClipRgn
SetPolyFillMode
RestoreDC
PolyDraw
RemoveFontResourceA
ExtFloodFill
ScaleWindowExtEx
PlayEnhMetaFile
SetMetaRgn
CreatePolygonRgn
RemoveFontResourceW
GetDIBColorTable
CreateFontW
GetFontData
CreateDCW
GetDeviceCaps
PtVisible
MaskBlt
GetGlyphOutlineW
CreateRectRgn
EqualRgn
PlayMetaFileRecord
SelectClipRgn
GetBkColor
GetROP2
SetPixelV
GetTextFaceA
IntersectClipRect
CreateCompatibleBitmap
FillPath
CombineTransform
CreateRectRgnIndirect
EnumFontsA
CreatePenIndirect
EnumMetaFile
EndDoc
EnumFontFamiliesA
GetDIBits
GetViewportOrgEx
WidenPath
CreateFontA
SetGraphicsMode
CreateFontIndirectA
CreateSolidBrush
GetRgnBox
UpdateColors
LPtoDP
OffsetViewportOrgEx
EndPage
GetTextExtentPoint32A

kernel32

GetThreadTimes
GetEnvironmentStrings
GetFileSize
GetModuleHandleA
CreateMutexA
GetStartupInfoA

mfc42

ord4234
ord4710
ord1168
ord324
ord755
ord470
ord1025
ord4425
ord4627
ord1074
ord1086
ord1064
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord1017
ord4441
ord2379
ord4837
ord3798
ord5280
ord4353
ord1576
ord1066
ord6374
ord1054
ord4274
ord6375
ord4486
ord2554
ord1067
ord5731
ord3922
ord1089
ord1093
ord2396
ord3346
ord1000
ord5302
ord2725
ord1021
ord4698
ord5307
ord1087
ord5714
ord2982
ord1084
ord3259
ord4465
ord1039
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord1003
ord4424
ord3738
ord561
ord815
ord2514
ord641
ord5265
ord4376
ord4853
ord4998
ord6052
ord4078
ord1775
ord4407
ord1048
ord2385
ord5163

Sections

.text
Size: 364KB - Virtual size: 361KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 4.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 212KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b4b8e695d7c02d34e1dcd335abee6072

Headers

File Characteristics

Imports

rasapi32

imm32

user32

msvcrt

advapi32

gdi32

kernel32

mfc42

Sections

.text Size: 364KB - Virtual size: 361KB

.rdata Size: 36KB - Virtual size: 32KB

.data Size: 8KB - Virtual size: 4.2MB

.rsrc Size: 212KB - Virtual size: 209KB

.text
Size: 364KB - Virtual size: 361KB

.rdata
Size: 36KB - Virtual size: 32KB

.data
Size: 8KB - Virtual size: 4.2MB

.rsrc
Size: 212KB - Virtual size: 209KB