c:\ohysa
Static task
static1
Behavioral task
behavioral1
Sample
02c7d23899b6aac6a6abde530b257dd9_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
02c7d23899b6aac6a6abde530b257dd9_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
Target: 02c7d23899b6aac6a6abde530b257dd9_JaffaCakes118
Size: 372KB
MD5: 02c7d23899b6aac6a6abde530b257dd9
SHA1: 2ddeb0aade3b46680d909b3675c7e77c83883670
SHA256: 00ecdc56470423fab3d0b9456f7e163afbaaa519c0cd7391302158d157406f56
SHA512: 488205dc1374fd73c052665e638287603178fbe062e887e23a8df151335ffbf8f05aca9d66975b086b9d65106cfcd0c9dbc2b01616931bd3cd156ace8022fb27
SSDEEP: 6144:9Whu/e08zfomA73euy3/TUxiLmuEY9CmO98jbyEr:9Whz5A7euyvaDpY9C59ri
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 02c7d23899b6aac6a6abde530b257dd9_JaffaCakes118
Files
02c7d23899b6aac6a6abde530b257dd9_JaffaCakes118.exe windows:4 windows x86 arch:x86
a6fe772ff7c561bf048cc82770d3af96
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
comctl32
CreateToolbar
GetEffectiveClientRect
InitCommonControlsEx
user32
DestroyWindow
InsertMenuA
CreateWindowExW
ReplyMessage
MessageBoxIndirectW
EnumDisplayMonitors
CharPrevA
TrackMouseEvent
CreateDialogIndirectParamW
InsertMenuW
SetWindowTextA
MessageBoxW
RegisterClassA
DefWindowProcA
MessageBoxExA
IsCharAlphaA
SetClassWord
DdeDisconnectList
GetUpdateRgn
GetGuiResources
GetFocus
CheckDlgButton
SetRectEmpty
RegisterClassExA
SetThreadDesktop
EnumPropsA
DragDetect
DefDlgProcA
SetWindowLongW
CharNextA
UnregisterHotKey
GetQueueStatus
DdeQueryStringW
EnumWindowStationsA
FindWindowW
DdeAccessData
CharUpperBuffA
GetComboBoxInfo
OffsetRect
SendDlgItemMessageW
ShowWindow
GetDC
kernel32
GetVersionExA
LockFile
SetEnvironmentVariableA
VirtualAlloc
MultiByteToWideChar
GetStringTypeW
GetOEMCP
SetThreadAffinityMask
GetStartupInfoA
HeapCreate
IsBadWritePtr
GlobalFlags
GetLastError
GlobalUnlock
CompareFileTime
GetModuleHandleA
GlobalReAlloc
RtlUnwind
GetProfileSectionA
GetModuleFileNameA
HeapReAlloc
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetCPInfo
OpenMutexA
MoveFileExW
GetEnvironmentStringsW
FormatMessageW
VirtualProtect
FreeEnvironmentStringsW
LocalSize
ReadFile
SetHandleCount
DeleteFiber
GetVersionExW
EnumResourceNamesW
GetMailslotInfo
OpenWaitableTimerW
VirtualFree
GetStdHandle
GetDiskFreeSpaceW
MoveFileW
TlsGetValue
ExitThread
lstrcpyn
EnumSystemLocalesA
GetDateFormatA
ReadConsoleOutputA
GetLocaleInfoA
InterlockedExchange
GetProcAddress
HeapDestroy
EnumSystemCodePagesW
SetComputerNameW
GetLogicalDriveStringsW
GetProfileIntA
FreeEnvironmentStringsA
GetACP
GetStringTypeA
DeleteAtom
GetSystemDefaultLangID
HeapFree
SetVolumeLabelA
InitializeCriticalSection
LoadLibraryA
GetCurrentProcess
GetTimeFormatA
WriteProfileStringA
HeapSize
WritePrivateProfileStructW
GetSystemInfo
CompareStringW
ExitProcess
TerminateProcess
WaitForMultipleObjectsEx
SetStdHandle
CloseHandle
InterlockedExchangeAdd
LCMapStringW
CreateSemaphoreA
WriteConsoleOutputCharacterW
SetThreadContext
CompareStringA
UnhandledExceptionFilter
LockFileEx
VirtualQuery
WriteFile
FileTimeToDosDateTime
CreateMutexA
FoldStringA
IsValidCodePage
LockResource
EnterCriticalSection
GetWindowsDirectoryA
TransactNamedPipe
GetLocaleInfoW
TlsAlloc
GetEnvironmentStrings
GetCurrentThreadId
TlsFree
LeaveCriticalSection
CreateFileMappingW
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
GetTickCount
DeleteCriticalSection
GetConsoleTitleA
HeapAlloc
WritePrivateProfileStringA
OpenFile
IsValidLocale
SetTimeZoneInformation
LCMapStringA
WideCharToMultiByte
CreateDirectoryW
OpenProcess
GetCurrentThread
SetLastError
GetCurrentProcessId
GetComputerNameA
SetFilePointer
FlushFileBuffers
TlsSetValue
SetFileTime
GetCommandLineA
GetPrivateProfileSectionW
GetUserDefaultLCID
GetFileType
wininet
InternetUnlockRequestFile
InternetCreateUrlA
InternetSecurityProtocolToStringA
InternetConfirmZoneCrossingW
InternetSetCookieW
GopherFindFirstFileA
IsUrlCacheEntryExpiredA
DetectAutoProxyUrl
InternetShowSecurityInfoByURL
Sections
.text Size: 132KB - Virtual size: 130KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 76KB - Virtual size: 74KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 96KB - Virtual size: 121KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 64KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ