0fa842c4eff04683764201f69412f041_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0fa842c4eff04683764201f69412f041_JaffaCakes118
Size

367KB
MD5

0fa842c4eff04683764201f69412f041
SHA1

c15aa4a60bad6741329410bdbed490fbaa1ad3dd
SHA256

7faa906ba515b186f2df931957fe9fac98666c0fffe91710dd9e5fc98a79cc6d
SHA512

f4f7996288261450c848f54d3412b6017b14f2c40ae2d7a835f55a31075ce1215c039269da922585c0b0cb61ad43d6df07d9b00442525015149c3c4ff08af755
SSDEEP

6144:K5ysj2+XK0hdbUWgqYt4Jz1OqFEGuQR3K/Bscy2NxHRWDQI2zx6yyPPXx:AdbUWgqYt4JAqXuQResR2/xW5o8HXx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fa842c4eff04683764201f69412f041_JaffaCakes118

Files

0fa842c4eff04683764201f69412f041_JaffaCakes118
.exe windows:5 windows x86 arch:x86

952ec8a4ce367e71bbf53044155f94dc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

PDB Paths

O:\You\componentsthat\too\merges\c.pdb

Imports

kernel32

LoadLibraryW
FlushFileBuffers
HeapReAlloc
SetFilePointer
WriteConsoleW
HeapSize
GetStringTypeW
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
HeapCreate
ExitProcess
DeleteCriticalSection
SetHandleCount
Sleep
GetConsoleMode
GetConsoleCP
WriteFile
IsProcessorFeaturePresent
ReadFile
GlobalUnlock
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
MultiByteToWideChar
LCMapStringW
WideCharToMultiByte
SetLastError
GetModuleHandleW
TlsFree
DecodePointer
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetFileType
InitializeCriticalSectionAndSpinCount
SetStdHandle
LeaveCriticalSection
EnterCriticalSection
RaiseException
CreateFileW
CloseHandle
FreeLibrary
GetFileAttributesW
GetLastError
GetProcessHeaps
GetProcAddress
lstrcpyW
lstrlenW
GlobalLock
HeapAlloc
GetCurrentProcess
GlobalSize
LoadLibraryA
AllocConsole
GetStdHandle
SetConsoleScreenBufferSize
GetVersion
GetSystemInfo
GetProcessHeap
HeapFree
GetCurrentThreadId
GetCommandLineW
GetModuleHandleA
TerminateProcess

user32

SetDlgItemInt
LoadMenuA
GetDlgItem
GetMenuItemInfoA
SetClipboardData
LoadCursorA
CloseClipboard
GetClientRect
IsWindowEnabled
GetWindowTextLengthA
SendDlgItemMessageA
GetDialogBaseUnits
SendMessageA
BeginPaint
DrawTextW
EndPaint
InvalidateRect
DefWindowProcA
LoadIconA
RegisterClassExA
MessageBoxA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
FillRect
GetSystemMetrics
LoadImageA
DestroyIcon
GetDC
EnumDesktopsA
AppendMenuA
CreatePopupMenu
GetWindowTextA
GetWindowRect
FindWindowExA
SetWindowPos
GetParent
SetDlgItemTextA
MoveWindow
SetWindowLongA
EndDialog
ScreenToClient
CreateWindowExW
PostThreadMessageA
CheckRadioButton
IsDlgButtonChecked
OpenClipboard
EnumClipboardFormats
GetClipboardFormatNameA
GetClipboardData
LoadBitmapA
SetWindowTextA
PostQuitMessage
GetMenu
GetDesktopWindow
GetMenuCheckMarkDimensions
ReleaseDC
GetDlgItemTextA
GetWindowLongA
OffsetRect
InflateRect
GetSysColorBrush
IsWindow
DestroyWindow

gdi32

CreateFontW
SelectObject
BitBlt
SetBkMode
GetStockObject
DeleteObject
CreateCompatibleDC
CreateBitmap
PatBlt
Ellipse
DeleteDC
SelectPalette
SelectClipPath
SetTextColor

comdlg32

FindTextW

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA

shell32

CommandLineToArgvW
SHGetFileInfoA

ole32

CoInitializeEx
CoGetInterfaceAndReleaseStream
CoUninitialize

odbc32

ord36
ord136

ws2_32

gethostname

comctl32

ImageList_Draw
InitCommonControlsEx
ImageList_AddMasked
ImageList_GetImageCount
ImageList_Create
ImageList_ReplaceIcon
CreatePropertySheetPageA

gdiplus

GdipGetDpiX
GdiplusStartup
GdipDeleteGraphics
GdipCreateFromHDC

setupapi

SetupDiGetDeviceInstallParamsA
SetupDiSetDeviceInstallParamsA
SetupDiGetClassInstallParamsA
SetupDiSetClassInstallParamsA
SetupDiSetDeviceRegistryPropertyA

rasapi32

RasGetConnectionStatistics

dxva2

GetMonitorDisplayAreaSize

Exports

Exports

Init

Sections

.text
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 232KB - Virtual size: 231KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gave
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

952ec8a4ce367e71bbf53044155f94dc

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

odbc32

ws2_32

comctl32

gdiplus

setupapi

rasapi32

dxva2

Exports

Exports

Sections

.text Size: 75KB - Virtual size: 74KB

.rdata Size: 232KB - Virtual size: 231KB

.data Size: 8KB - Virtual size: 15KB

.gave Size: 2KB - Virtual size: 2KB

.rsrc Size: 39KB - Virtual size: 38KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 75KB - Virtual size: 74KB

.rdata
Size: 232KB - Virtual size: 231KB

.data
Size: 8KB - Virtual size: 15KB

.gave
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 39KB - Virtual size: 38KB

.reloc
Size: 9KB - Virtual size: 9KB