0ea38639217e296aa362d0a93f4fa349_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0ea38639217e296aa362d0a93f4fa349_JaffaCakes118
Size

148KB
MD5

0ea38639217e296aa362d0a93f4fa349
SHA1

6b39dfd234998a8c23d05134d035239891f95b4f
SHA256

2c47e78809bebdc5dc2d4cc44e8b41217e226a790ff0fa6debc6f03a4f8b1512
SHA512

c00ec753773f216f6767f0839fc17b5d74c58761e7ec9683a36e529313d819d5c2d226581895e8b9b7792f642c43e3e28eeb8a40468c3385899eb81fb67a3ed7
SSDEEP

1536:a0RBBJ5Ztb5fJGKSy3Hwaj2FKBLqeNtoLQnT9PMF46ujxbYo08ts3:a0rvt5xGKScHBj0KB7XocTlJxU0tw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ea38639217e296aa362d0a93f4fa349_JaffaCakes118

Files

0ea38639217e296aa362d0a93f4fa349_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c35a162d09a1b4a99fe26ae9c2f3858a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateWindowExA
CreatePopupMenu
CreateMenu
CreateIcon
ClientToScreen
CheckMenuItem
CallWindowProcA
CallNextHookEx
BeginPaint
CharLowerBuffA
CharLowerA
AdjustWindowRectEx
ActivateKeyboardLayout
GetKeyboardType
LoadStringA
MessageBoxA
CharNextA

shell32

ShellExecuteA

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

gdi32

CreateBitmap
CreateBrushIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreateDIBitmap
CreateFontIndirectA
CreateHalftonePalette
CreatePalette
CreatePenIndirect
CreateSolidBrush
DeleteDC
DeleteEnhMetaFile
DeleteObject
ExcludeClipRect
ExtTextOutA
GdiFlush
GetBitmapBits
GetBrushOrgEx
CopyEnhMetaFileA
GetCurrentPositionEx
GetDCOrgEx
GetDIBColorTable
GetDIBits
GetDeviceCaps
GetEnhMetaFileBits
GetEnhMetaFileHeader
GetEnhMetaFilePaletteEntries
GetObjectA
GetPaletteEntries
GetPixel
GetStockObject
GetSystemPaletteEntries
GetTextExtentPoint32A
GetTextMetricsA
GetWinMetaFileBits
GetWindowOrgEx
IntersectClipRect
LineTo
MaskBlt
MoveToEx
PatBlt
PlayEnhMetaFile
RealizePalette
RectVisible
Rectangle
RestoreDC
SaveDC
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetEnhMetaFileBits
SetPixel
SetROP2
SetStretchBltMode
SetTextColor
SetViewportOrgEx
SetWinMetaFileBits
SetWindowOrgEx
StretchBlt
UnrealizeObject
BitBlt
GetClipBox

comctl32

ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_SetDragCursorImage
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_Read
ImageList_Remove
ImageList_DrawEx
ImageList_Draw
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Add
ImageList_GetImageCount
ImageList_Write
ImageList_GetIconSize
ImageList_SetIconSize
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy

kernel32

LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapSize
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStdHandle
GlobalAlloc
HeapCreate
CreateProcessA
CloseHandle
CreateFileA
GetFileType
GetFileSize
RaiseException
ReadFile
SetEndOfFile
SetFilePointer
UnhandledExceptionFilter
WriteFile
ExitProcess
FindClose
FindFirstFileA
FreeLibrary
GetCommandLineA
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetThreadLocale
LoadLibraryExA
lstrcpynA
lstrlenA
MultiByteToWideChar
SetCurrentDirectoryA
WideCharToMultiByte
VirtualQuery
GetCurrentThreadId
LocalAlloc
LocalFree
VirtualAlloc
VirtualFree
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
TlsGetValue
TlsSetValue
CompareStringA
CreateEventA
CreateThread
EnumCalendarInfoA
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindResourceA
FormatMessageA
FreeResource
GetACP
GetCPInfo
GetCurrentProcessId
GetDiskFreeSpaceA
GetLocalTime
GetStringTypeExA
GetSystemInfo
GetTickCount
GetVersion
GetVersionExA
GlobalAddAtomA
GlobalDeleteAtom
GlobalFindAtomA
GlobalFree
GlobalLock
GlobalHandle
GlobalReAlloc
GlobalUnlock
LoadLibraryA
LoadResource
LockResource
MulDiv
ResetEvent
SetErrorMode
SetEvent
SetThreadLocale
SizeofResource
Sleep
WaitForSingleObject
WinExec
lstrcpyA
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
TlsAlloc
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
HeapAlloc
HeapReAlloc
RtlUnwind

Sections

.data
Size: 136KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c35a162d09a1b4a99fe26ae9c2f3858a

Headers

File Characteristics

Imports

user32

shell32

advapi32

gdi32

comctl32

kernel32

Sections

.data Size: 136KB - Virtual size: 132KB

.rsrc Size: 8KB - Virtual size: 5KB

.data
Size: 136KB - Virtual size: 132KB

.rsrc
Size: 8KB - Virtual size: 5KB