0b1169f06be99ae19ee8b948d3218613_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0b1169f06be99ae19ee8b948d3218613_JaffaCakes118
Size

292KB
MD5

0b1169f06be99ae19ee8b948d3218613
SHA1

54758f9038d90e5b285f8e2be04e1567f14593c3
SHA256

557fc319c5bb07fead6e758bba4d9a7a5d429773cbee73ed77c6216ee86a3b90
SHA512

c1633927dfdde0ada9fc4db5b53c2d5bbaeb5f3379f72c2c631fa6bc43d5ee062dd0ba7f300fe10bf287c5a23402e2d2aa0543b8aab2d6d1aeeb2212ca4b20be
SSDEEP

3072:FoR5WfYffpVkWc4PMhGnqwyyPlJ0B5DLdiFsdYwSu3aBxpjOuP9Li5oT:InrMhGnqwyQAHV6UaDpjX9O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b1169f06be99ae19ee8b948d3218613_JaffaCakes118

Files

0b1169f06be99ae19ee8b948d3218613_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e1140b2ae93f4d7b59ae4e9976982379

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
WinExec
GetLogicalDrives
QueryDosDeviceA
SetFileAttributesA
CompareStringW
CompareStringA
SetEndOfFile
ReadFile
LCMapStringW
CreateDirectoryA
GetOEMCP
GetACP
GetCPInfo
CreateFileA
GetStringTypeW
GetStringTypeA
SetConsoleCtrlHandler
RtlUnwind
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
RaiseException
SetStdHandle
FlushFileBuffers
GetFileType
SetHandleCount
GetModuleFileNameA
CopyFileA
lstrlenA
OpenFile
MultiByteToWideChar
_lread
_lclose
LCMapStringA
GetTickCount
WideCharToMultiByte
CloseHandle
VirtualAlloc
GetCurrentProcess
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetLastError
SetFilePointer
GetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
DeleteFileA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetProcAddress
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
LoadLibraryA
InterlockedIncrement
HeapAlloc
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
VirtualFree
TerminateProcess
SetEnvironmentVariableA

ddraw

DirectDrawCreateEx

dinput8

DirectInput8Create

dsound

ord1

winmm

mmioDescend
mmioRead
mmioClose
mmioOpenA
mmioAscend

user32

GetWindowRect
DefWindowProcA
PostQuitMessage
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
GetWindowLongA
GetMenu
AdjustWindowRectEx
MoveWindow
PeekMessageA
TranslateMessage
DispatchMessageA
SendMessageA
BeginPaint
EndPaint

gdi32

TextOutA
SetBkMode
SetTextColor
GetStockObject

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

Sections

.text
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e1140b2ae93f4d7b59ae4e9976982379

Headers

File Characteristics

Imports

kernel32

ddraw

dinput8

dsound

winmm

user32

gdi32

advapi32

ole32

Sections

.text Size: 248KB - Virtual size: 248KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 8KB - Virtual size: 43KB

.idata Size: 8KB - Virtual size: 4KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 248KB - Virtual size: 248KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 8KB - Virtual size: 43KB

.idata
Size: 8KB - Virtual size: 4KB

.reloc
Size: 12KB - Virtual size: 12KB