010c02701d2f72873a0f0c03973bc73e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

010c02701d2f72873a0f0c03973bc73e_JaffaCakes118
Size

27KB
MD5

010c02701d2f72873a0f0c03973bc73e
SHA1

9502bdead755634749fe908fd67ddcfa8fae2747
SHA256

8b99399513ac71bff4cef79bdce384a743002c1da4409fede2f45f703c7b39bc
SHA512

528ce394daf40ad1b4f99b34eb4e62ad1f174d2176a2c0aab6137826dca63ef01f252cdfe5cb0389a1e0141fc561658a8506b5c481dee1f8ef4f5918a962118c
SSDEEP

384:0Lh9y0JdgLtB9EH3KMraWisw/g0VQ9kcwkeFdl50ko8vvyJk5LARjqYv:u9y0notBiH3KM0/nQQlRo839xAZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
010c02701d2f72873a0f0c03973bc73e_JaffaCakes118

Files

010c02701d2f72873a0f0c03973bc73e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

030b88e6e3eb34d48ceb810d51d03c37

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CLIPFORMAT_UserUnmarshal
HACCEL_UserUnmarshal
CoReleaseMarshalData
CoRevertToSelf
OleSetMenuDescriptor
HMETAFILEPICT_UserMarshal
OleSetContainedObject
ReadClassStm
CoTreatAsClass
StringFromCLSID
STGMEDIUM_UserUnmarshal
CreateClassMoniker
CoUnloadingWOW
CoSetProxyBlanket
OleRegEnumFormatEtc
CreateAntiMoniker
CoCopyProxy
HPALETTE_UserSize
HACCEL_UserSize
SNB_UserMarshal
CoGetMalloc
STGMEDIUM_UserSize

advapi32

RegLoadKeyW
ReadEventLogW
InitializeSid
CryptSetKeyParam
InitiateSystemShutdownA
OpenBackupEventLogW
LogonUserW
ObjectCloseAuditAlarmA
GetExplicitEntriesFromAclA
LookupAccountSidA
CryptGetKeyParam
CryptSignHashA
LookupSecurityDescriptorPartsW
RegOpenKeyExA
BuildSecurityDescriptorA
GetTrusteeNameA
NotifyChangeEventLog
ObjectCloseAuditAlarmW

user32

GetWindowDC
LoadKeyboardLayoutW
IsCharAlphaNumericW
GetMenuBarInfo
CopyIcon
SetProcessWindowStation
AdjustWindowRect
MapDialogRect
IsMenu
OemToCharBuffA
GetNextDlgGroupItem
CharUpperBuffW
ChildWindowFromPointEx
IsCharUpperW
CharUpperBuffA
GetMenuItemInfoW
TranslateAccelerator
ChangeDisplaySettingsExA
SwitchDesktop
GetComboBoxInfo
EndDialog
TileChildWindows
DefFrameProcW
DialogBoxIndirectParamW
SendMessageTimeoutW
GetCapture
DdeAddData
GetClipCursor
IsClipboardFormatAvailable
GetWindowTextLengthA
EnumDisplaySettingsExW
ScrollWindow
HiliteMenuItem
DestroyIcon
GetScrollPos
GetMenu
SystemParametersInfoA
DialogBoxParamA
IsZoomed

msvcrt

localtime
strncat
_mbscmp
_atoldbl
_fpieee_flt
_ismbbkprint
_tell
getwc
remove
_fpclass
_safe_fprem
isalnum
wprintf
_pclose
_getws
_putw
_CIatan2
_ismbcalpha
_wutime
wcspbrk
wcscpy
_nextafter
_wspawnlpe
fflush
swprintf
__iscsym
_wrename
_beep
__p__pwctype
_snprintf
__p__timezone
_wcslwr
_execl
_adj_fpatan
raise
_ismbbalnum
__p__pctype
__p__wenviron
system
_mbcjistojms
_ltoa
_wfsopen
_timezone
strerror
_mbsrchr
_ecvt
_CIexp
_CIsin
memcpy
_pgmptr
strtol
_wcsupr
acos
_getpid
_mbctoupper

gdi32

SetLayout
ModifyWorldTransform
GetTextExtentPointW
PolyPolygon
EnumObjects
EnumFontsA
GetTextCharsetInfo
EnumICMProfilesW
GetROP2
GetGraphicsMode
PolyTextOutA
GetICMProfileA
CombineRgn
GetObjectA
GetMiterLimit
GetObjectType
OffsetRgn
CancelDC
CreatePen
GetCharABCWidthsW
SetLayout
UpdateColors
GetStretchBltMode
CreateHalftonePalette
PlayEnhMetaFile
GdiGetBatchLimit
GetEnhMetaFileDescriptionW
GetArcDirection
GetCurrentPositionEx
GetPixel
CopyMetaFileA
EnumEnhMetaFile
GetTextMetricsA
CreateBitmap
SwapBuffers
GetTransform
GetTextCharset

kernel32

lstrcmpiW
LoadModule
PostQueuedCompletionStatus
GetVersionExW
lstrcmpW
GetProcessShutdownParameters
VirtualFree
GetLastError
GetProcAddress
CompareFileTime
SystemTimeToFileTime
lstrcatW
GetEnvironmentStrings
GetLocalTime
CompareStringW
TryEnterCriticalSection
FindFirstFileExA
lstrcmpiA
RemoveDirectoryW
GetStartupInfoW
SetErrorMode
GetOverlappedResult
HeapCompact
EnumResourceTypesA
RequestDeviceWakeup
CancelIo
ExitProcess
GetWindowsDirectoryA
GetStdHandle
Thread32Next
lstrcmpA
GetVersionExA
GetModuleHandleW
FreeLibrary
Beep
SetConsoleCursorPosition
GetCommandLineW
GetThreadTimes
DisableThreadLibraryCalls
GetProcessHeap
lstrlenA
VirtualAlloc
BeginUpdateResourceA
ScrollConsoleScreenBufferA
CommConfigDialogA
GetTickCount
GetTimeFormatA
GetModuleHandleA

Sections

.text
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.zzomk
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jocs
Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eirvv
Size: 3KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

030b88e6e3eb34d48ceb810d51d03c37

Headers

File Characteristics

Imports

ole32

advapi32

user32

msvcrt

gdi32

kernel32

Sections

.text Size: 15KB - Virtual size: 16KB

.zzomk Size: 4KB - Virtual size: 11KB

.jocs Size: 3KB - Virtual size: 10KB

.eirvv Size: 3KB - Virtual size: 23KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 15KB - Virtual size: 16KB

.zzomk
Size: 4KB - Virtual size: 11KB

.jocs
Size: 3KB - Virtual size: 10KB

.eirvv
Size: 3KB - Virtual size: 23KB

.reloc
Size: 1024B - Virtual size: 1KB