0ebf48d81d43463aeadbc730660f1a73_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0ebf48d81d43463aeadbc730660f1a73_JaffaCakes118
Size

2.5MB
MD5

0ebf48d81d43463aeadbc730660f1a73
SHA1

cd88b11faa5100658135341c273639ca81ec76ee
SHA256

15984158e0badb4b2f9471c1e9003bb18b2ab11aff47af2376f9ebcd31dfb8cb
SHA512

93c640bf282158447509f1bc3c74ce107e14f942664848be9a11ecb28fda0d936e8c891e18c7c405fbff8d89da66017fbf8e63fde33c70fd5a1d646376cb434d
SSDEEP

49152:8LFsI8WIn5VYb1/LTinSMsZ13045LP1XfTgapOxwtCzu+Z6uuvnKRV+92a:8LFlLCzjFuvnKRc92

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ebf48d81d43463aeadbc730660f1a73_JaffaCakes118

Files

0ebf48d81d43463aeadbc730660f1a73_JaffaCakes118
.exe windows:4 windows x86 arch:x86

485824fc9245c31cc4bd2d8c48f7e08b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ddraw

DirectDrawEnumerateA
DirectDrawCreate

dsound

ord1

dinput

DirectInputCreateA

winmm

mciSendStringA

user32

DispatchMessageA
AdjustWindowRect
DefWindowProcA
SetWindowPos
PostQuitMessage
SetFocus
SetWindowLongA
MsgWaitForMultipleObjects
IntersectRect
LoadIconA
GetMessageA
MessageBoxA
GetDC
LoadCursorA
RegisterClassA
ShowWindow
ReleaseDC
CreateWindowExA
TranslateMessage
UpdateWindow
PeekMessageA
ShowCursor

gdi32

GetDeviceCaps
SetTextColor
SetBkMode
TextOutA
GetStockObject

ole32

CoInitialize

kernel32

SetLastError
HeapDestroy
GetEnvironmentVariableA
CompareStringA
GetVersionExA
SetEndOfFile
LCMapStringA
LCMapStringW
LoadLibraryA
GetOEMCP
GetCPInfo
CreateFileA
GetACP
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
SetStdHandle
SetEnvironmentVariableA
GetTickCount
CreateEventA
CloseHandle
GetDriveTypeA
HeapFree
HeapAlloc
GetLastError
FindFirstFileA
FindNextFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
CompareStringW
TlsGetValue
GetProcAddress
GetModuleFileNameA
GetTimeZoneInformation
FlushFileBuffers
SetFilePointer
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
ReadFile
WriteFile
GetEnvironmentStrings
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
InterlockedDecrement
InterlockedIncrement

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 624KB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

485824fc9245c31cc4bd2d8c48f7e08b

Headers

File Characteristics

Imports

ddraw

dsound

dinput

winmm

user32

gdi32

ole32

kernel32

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 88KB - Virtual size: 87KB

.data Size: 624KB - Virtual size: 3.4MB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 88KB - Virtual size: 87KB

.data
Size: 624KB - Virtual size: 3.4MB

.rsrc
Size: 4KB - Virtual size: 3KB