0ca88f164251219fddf9cc042a3495bc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0ca88f164251219fddf9cc042a3495bc_JaffaCakes118
Size

810KB
MD5

0ca88f164251219fddf9cc042a3495bc
SHA1

64fcfc5299f64cc0cccd882eca73f217277a4cfc
SHA256

478959fe6f4f3d09e0772a5581fb864596c54f0adda76867f75669018a67db14
SHA512

94a57fd8f3144e06acb5acdf2a04aed3ff4af1ebd0b34bf920096f648d0bced08b7ebd7960b9a5b9c11c67ff96bd2515e3363266180ae5549131a126dae9aedc
SSDEEP

12288:tBYJBCx2jStLhdL3BWqxedq1cV6HVy3Nd4208s:TYJ1jSVLD8E1bVyn41

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ca88f164251219fddf9cc042a3495bc_JaffaCakes118

Files

0ca88f164251219fddf9cc042a3495bc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

18416998370f634ad48247f64a832b93

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalUnlock
MulDiv
MultiByteToWideChar
OpenFile
QueryPerformanceCounter
RaiseException
SetFileAttributesA
SetUnhandledExceptionFilter
SystemTimeToFileTime
TerminateProcess
UnhandledExceptionFilter
WaitForSingleObject
LocalLock
_lclose
_lcreat
_llseek
_lopen
_lread
_lwrite
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrlenA
LocalFree
LocalAlloc
InterlockedExchange
GlobalUnlock
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalFree
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomA
GetTickCount
GetThreadLocale
GetSystemTimeAsFileTime
GetSystemTime
GetProcAddress
GetModuleHandleA
GetCurrentProcessId
GetCurrentProcess
GetAtomNameA
GetACP
FreeLibrary
FindFirstFileA
FindClose
DeleteFileA
DeleteAtom
CreateThread
CreateFileW
CloseHandle
AddAtomA
GetStartupInfoA
GetDriveTypeW
LoadLibraryA
GetCurrentThreadId
HeapAlloc
LoadLibraryW
GetVersion
GetModuleHandleW
VirtualAllocEx
GetCommandLineA
GetFileAttributesA
Sleep
GetLastError
WideCharToMultiByte
GetProcessHeap

user32

IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowVisible
LoadAcceleratorsA
LoadCursorA
LoadStringA
LoadStringW
MessageBoxA
OffsetRect
OpenClipboard
PeekMessageA
PostMessageA
PostQuitMessage
RegisterClassA
RegisterClipboardFormatA
ReleaseCapture
ReleaseDC
ScreenToClient
ScrollWindow
SendDlgItemMessageA
SendMessageA
SetCapture
SetClipboardData
SetCursor
SetDlgItemTextA
SetFocus
SetRect
SetRectEmpty
SetScrollPos
SetWindowPos
SetWindowTextA
SystemParametersInfoA
TranslateAcceleratorA
TranslateMessage
UpdateWindow
IsIconic
IsDlgButtonChecked
IsClipboardFormatAvailable
InvalidateRect
InsertMenuA
GetWindowDC
GetTopWindow
GetSystemMetrics
GetSysColorBrush
GetSubMenu
GetScrollRange
GetScrollPos
GetMessageA
GetMenu
GetKeyState
GetDlgItemTextA
GetDC
GetClipboardData
GetClientRect
FillRect
EnumThreadWindows
EndPaint
EndDialog
EnableWindow
EnableScrollBar
EmptyClipboard
DrawTextA
DrawIcon
DrawFocusRect
DispatchMessageA
DialogBoxParamA
DestroyWindow
DestroyMenu
DestroyIcon
DeleteMenu
DefWindowProcA
CreateWindowExA
CreatePopupMenu
CloseClipboard
CheckRadioButton
CheckDlgButton
CharUpperBuffA
CharNextA
CharLowerA
BringWindowToTop
BeginPaint
ShowWindow
LoadIconA
LoadBitmapW
GetSysColor
SetWindowLongW
LoadIconW
EnableMenuItem
GetDlgItem

gdi32

GetLayout
GetStockObject
GetTextExtentPoint32A
PatBlt
SetBkColor
SetBkMode
GetDeviceCaps
SetTextAlign
SetTextColor
SetWindowExtEx
SetWindowOrgEx
TextOutA
TranslateCharsetInfo
DeleteObject
CreateFontIndirectA
CreateMetaFileA
SaveDC
CopyMetaFileA
CloseMetaFile
CreateCompatibleDC
CreateSolidBrush
CloseEnhMetaFile
SetLayout
GetBkColor
GetDCBrushColor
DeleteEnhMetaFile
GdiGetBatchLimit
FlattenPath
GetEnhMetaFileA
CloseFigure
SelectObject
EndDoc
GetDCPenColor

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegQueryValueA
RegOpenKeyExA
RegEnumKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegSetValueA

shell32

ShellExecuteExA
ShellAboutA
ExtractAssociatedIconA
DragQueryFileA
DragFinish
DragAcceptFiles

ole32

CoInitialize
CoUninitialize
CoCreateInstance

shlwapi

PathFindExtensionW

winmm

timeGetTime

msvcrt

exit
memmove
strchr
_acmdln
_XcptFilter
__getmainargs
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_adjust_fdiv
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_initterm
_vsnprintf

Sections

.text
Size: 776KB - Virtual size: 776KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18416998370f634ad48247f64a832b93

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

shlwapi

winmm

msvcrt

Sections

.text Size: 776KB - Virtual size: 776KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 15KB - Virtual size: 15KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 776KB - Virtual size: 776KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 15KB - Virtual size: 15KB

.rsrc
Size: 12KB - Virtual size: 11KB