0fa7205c9635cae1bfee33950b11b6c8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0fa7205c9635cae1bfee33950b11b6c8_JaffaCakes118
Size

902KB
MD5

0fa7205c9635cae1bfee33950b11b6c8
SHA1

bdac337264fbd8c74da9aa1fa8bf4ea46c55308c
SHA256

e345918cd0083d4b1f5b2dc3c5d7b7c780fd19dfbb1c677bd482718bf034c14f
SHA512

8c7603471798a80b62adb9749452855530749582a5e8cacba762a4a195d846126293332ce217ab2095b9a163ac97a5a57ff0d6d3ae3dcc79b8ab10a98c8b3ff1
SSDEEP

24576:kNzKZsysUfcJZV7gjgjPHRS1BpmlNSa0LQ:azKZU+ZsjIbslNS3M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fa7205c9635cae1bfee33950b11b6c8_JaffaCakes118

Files

0fa7205c9635cae1bfee33950b11b6c8_JaffaCakes118
.exe windows:6 windows x86 arch:x86

6d4dd5158094aa45029e3886bf0a8e12

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointerEx
ReadFile
GetFileType
GetStdHandle
GetConsoleMode
GetConsoleCP
WriteFile
FlushFileBuffers
GetProcessHeap
GetOEMCP
GetACP
IsValidCodePage
GetCurrentThreadId
IsDebuggerPresent
HeapSize
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetModuleFileNameW
IsProcessorFeaturePresent
GetModuleHandleW
GetStartupInfoW
WaitForSingleObject
TlsSetValue
MapViewOfFile
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
GetCommandLineW
HeapAlloc
AreFileApisANSI
GetModuleHandleExW
ExitProcess
LoadLibraryExW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapReAlloc
SetStdHandle
WriteConsoleW
ReadConsoleW
OutputDebugStringW
CreateFileW
SetEndOfFile
WideCharToMultiByte
OpenFileMappingA
OpenEventA
CreateEventA
_lclose
_lread
_lopen
UnmapViewOfFile
GetLastError
VirtualAlloc
GlobalAlloc
GetProcAddress
HeapFree
RtlUnwind
RaiseException
GetStringTypeW
MultiByteToWideChar
DecodePointer
EncodePointer
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
TlsGetValue
CloseHandle
TlsFree
GetModuleHandleA

user32

GetWindowTextLengthW
SendMessageW
GetWindowTextW
MessageBoxW
EndPaint
BeginPaint
GetMessageA
DispatchMessageA
TranslateMessage
DispatchMessageW
DefWindowProcW
LoadIconW
InvalidateRect
LoadCursorW
UpdateWindow
TranslateAcceleratorW
PostQuitMessage
RegisterClassExW
LoadAcceleratorsW
ShowWindow
DestroyWindow
GetMessageW
MessageBoxA
ChangeWindowMessageFilter
LoadImageA
DestroyIcon
LoadIconA
LoadCursorA
OffsetRect
DrawFocusRect
ClientToScreen
GetCursorPos
SetCursor
ExitWindowsEx
SetWindowContextHelpId
GetClientRect
GetWindowTextA
SetWindowTextA
ReleaseDC
GetDCEx
GetDC
GetForegroundWindow
TrackPopupMenu
CheckMenuItem
GetSystemMetrics
SetTimer
GetKeyState
GetFocus
SetFocus
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
IsDlgButtonChecked
GetDlgItem
IsWindow
CreateWindowExA
RegisterClassA
DefWindowProcA
WaitForInputIdle
SendMessageA
CreateWindowExW

gdi32

MoveToEx
GetObjectA
GetTextMetricsA
SetTextAlign
SetMapMode
SelectObject
PatBlt
GetTextAlign
GetDeviceCaps
GetCurrentObject
DeleteObject
DeleteDC
CreateFontA
CreateEllipticRgn
CreateCompatibleDC
CreateBitmapIndirect
BitBlt
TextOutW
GetObjectW
GetStockObject
FillRgn
CreateSolidBrush
CreateRectRgn
CreateFontW
SetWindowExtEx

advapi32

RegOpenKeyExA
RegCloseKey
ImpersonateLoggedOnUser

shell32

ExtractIconExA
SHBrowseForFolderA
DragFinish
DragAcceptFiles
DragQueryFileA

ole32

StringFromCLSID
CoTaskMemFree

oleaut32

LoadTypeLi

odbc32

ord41

comctl32

InitCommonControlsEx

ws2_32

WSAStartup
gethostname
gethostbyname
socket
send
recv
listen
htons
closesocket
bind
accept

winmm

waveInReset
waveOutBreakLoop

crypt32

CertGetNameStringA

shlwapi

StrChrA
PathAppendA

pdh

PdhCollectQueryData

setupapi

CM_Free_Res_Des_Handle
CM_Free_Resource_Conflict_Handle

uxtheme

DrawThemeBackground

urlmon

GetClassURL
GetClassFileOrMime

tapi32

phoneGetVolume

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 656KB - Virtual size: 655KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d4dd5158094aa45029e3886bf0a8e12

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

odbc32

comctl32

ws2_32

winmm

crypt32

shlwapi

pdh

setupapi

uxtheme

urlmon

tapi32

Sections

.text Size: 164KB - Virtual size: 164KB

.rdata Size: 73KB - Virtual size: 72KB

.data Size: 8KB - Virtual size: 21KB

.rsrc Size: 656KB - Virtual size: 655KB

.text
Size: 164KB - Virtual size: 164KB

.rdata
Size: 73KB - Virtual size: 72KB

.data
Size: 8KB - Virtual size: 21KB

.rsrc
Size: 656KB - Virtual size: 655KB