0a202106918de8f2d81d00013b1c5728_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0a202106918de8f2d81d00013b1c5728_JaffaCakes118
Size

210KB
MD5

0a202106918de8f2d81d00013b1c5728
SHA1

ef7980af4ccb30b9b078702224c2de906f058b8f
SHA256

51fb8802b1d7fe73a8b70f198cfe9cea0a791023bc0fc30862a6a1fcfd1a0f1c
SHA512

1322893a1515d24d24c6951e5bc12777c1fd2eb136ed3603b7107045efea3d239817200d1a2e1910dc3fa38dbb52e86adb6261c6d6040326ad02af159498e3ea
SSDEEP

6144:fLNQvdH41NCU3+PxWbpTqYf7hMLuxxvx/bI:JqE+odf7hJ/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a202106918de8f2d81d00013b1c5728_JaffaCakes118

Files

0a202106918de8f2d81d00013b1c5728_JaffaCakes118
.exe windows:4 windows x86 arch:x86

05871064a4d880e9f5c795991751ec8b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

advapi32

RegQueryInfoKeyA

version

GetFileVersionInfoA
VerFindFileA
VerInstallFileA

comctl32

ImageList_Write
ImageList_Destroy
ImageList_GetBkColor
ImageList_Create
ImageList_DrawEx
ImageList_Remove

kernel32

RaiseException
FindFirstFileA
GetStartupInfoA
GetProcAddress
GlobalAlloc
CreateFileA
LockResource
LoadResource
VirtualQuery
GetVersionExA
CompareStringA
GetModuleFileNameA
SetHandleCount
ReadFile
CreateEventA
HeapDestroy
GetUserDefaultLCID
SetEndOfFile
GetLastError
GetDateFormatA
FindResourceA
LocalAlloc
GetOEMCP
VirtualAllocEx
SetLastError
SetThreadLocale
GetProcessHeap
WideCharToMultiByte
SizeofResource
GetFileType
GlobalDeleteAtom
LoadLibraryExA
SetEvent
ResetEvent
CreateThread
GetFullPathNameA
GetACP
HeapFree
GetVersion
MoveFileExA
GetCPInfo
lstrcpyA
GetCurrentProcess
GetCurrentThread
GetThreadLocale
lstrcpynA
lstrcatA
GlobalAddAtomA
GetFileAttributesA
GetCurrentThreadId
GlobalFindAtomA
EnterCriticalSection
EnumCalendarInfoA
WriteFile
WaitForSingleObject
ExitProcess
DeleteCriticalSection
GetSystemDefaultLangID
lstrcmpiA
GetFileSize
VirtualAlloc
MoveFileA
FormatMessageA
GetLocalTime
GetEnvironmentStrings
LoadLibraryA
GetStringTypeW
GetCommandLineA
VirtualFree
SetErrorMode
FreeResource
FindClose
GetStdHandle
Sleep
LocalFree
GetLocaleInfoA

msvcrt

exit
clock
wcscspn
wcschr
tolower
memset
wcsncmp

comdlg32

ChooseColorA
GetOpenFileNameA
FindTextA
GetFileTitleA
GetSaveFileNameA

user32

KillTimer
SetWindowTextA
FillRect
GetSysColor
RedrawWindow
GetMenuItemID
IsChild
SendMessageA
ScrollWindow
FrameRect
GetActiveWindow
CharToOemA
GetCapture
DeleteMenu
CloseClipboard
GetClassInfoA
MessageBoxA
GetSystemMenu
SetScrollPos
GetTopWindow
EmptyClipboard
EnumChildWindows
CharNextW
GetParent
MsgWaitForMultipleObjects
IntersectRect
MessageBeep
CheckMenuItem
CharNextA
ChildWindowFromPoint
GetDesktopWindow
UnhookWindowsHookEx
AdjustWindowRectEx
GetWindowThreadProcessId
SetClassLongA
ClientToScreen
ShowWindow
SetForegroundWindow
PtInRect
SetCursor
LoadBitmapA
GetClassNameA
CallNextHookEx
CharUpperBuffA
MapWindowPoints
RegisterClipboardFormatA
DrawIcon
SetMenu
GetMenuItemInfoA
InsertMenuA
EqualRect
SetMenuItemInfoA
SetWindowLongA
SetActiveWindow
IsZoomed
RemoveMenu
GetKeyState
EndPaint
OpenClipboard
GetCursorPos
CharLowerA
DefFrameProcA
SetWindowPos
DestroyWindow
GetScrollRange
DrawIconEx
GetKeyboardLayoutList
WaitMessage
OffsetRect
SetScrollRange
RemovePropA
GetMenuStringA
CreateMenu
GetFocus
DrawEdge
GetDlgItem
DrawTextA
GetWindowLongW
GetForegroundWindow
DestroyIcon
TranslateMessage
GetKeyboardType
GetDC
MoveWindow
DrawFrameControl
GetDCEx
GetWindowPlacement
WindowFromPoint
UpdateWindow
SetParent
LoadCursorA
TrackPopupMenu
SetPropA
GetPropA
DefMDIChildProcA
CreateWindowExA
DispatchMessageA
LoadIconA
GetKeyboardLayoutNameA
SetRect
InvalidateRect
GetClassLongA
DestroyMenu
SendMessageW
SystemParametersInfoA
IsRectEmpty
GetCursor
EnumThreadWindows
GetWindowTextA
IsWindowEnabled
InflateRect
ShowScrollBar
FindWindowA
LoadKeyboardLayoutA
GetMessagePos
PostQuitMessage
SetWindowsHookExA
UnregisterClassA
GetSubMenu
CallWindowProcA
GetMenuItemCount
PeekMessageW
MapVirtualKeyA
GetSystemMetrics
IsDialogMessageA
PeekMessageA
GetScrollPos
GetKeyboardLayout
TranslateMDISysAccel
GetWindowRect
LoadStringA
CharLowerBuffA
GetScrollInfo
CreateIcon
IsWindowVisible
CreatePopupMenu
GetMenu
GetIconInfo
GetWindowDC
wsprintfA
RegisterWindowMessageA
IsDialogMessageW
SetWindowLongW
ScreenToClient
ShowOwnedPopups
ReleaseCapture
EnableMenuItem
GetLastActivePopup
EnableWindow
GetClipboardData
DrawMenuBar
GetSysColorBrush
InsertMenuItemA
DestroyCursor
SetCapture
GetKeyboardState
IsWindowUnicode
EnumWindows
SetScrollInfo
SetClipboardData
RegisterClassA
GetKeyNameTextA
SetWindowPlacement
ReleaseDC
OemToCharA
EnableScrollBar
SetTimer
IsWindow
IsIconic
GetWindow
DrawAnimatedRects

gdi32

CreateCompatibleDC
SetBkColor
CreateBitmap
GetBitmapBits

shell32

SHGetFileInfoA
DragQueryFileA
SHFileOperationA
SHGetSpecialFolderLocation

ole32

CoDisconnectObject
OleRun
ReleaseStgMedium
CoCreateInstanceEx
CreateBindCtx
CreateStreamOnHGlobal

oleaut32

SysFreeString
GetErrorInfo
OleLoadPicture
SafeArrayPtrOfIndex
SafeArrayCreate

Sections

CODE
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

BSS
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

text
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

05871064a4d880e9f5c795991751ec8b

Headers

File Characteristics

Imports

advapi32

version

comctl32

kernel32

msvcrt

comdlg32

user32

gdi32

shell32

ole32

oleaut32

Sections

CODE Size: 69KB - Virtual size: 69KB

.rdata Size: 48KB - Virtual size: 47KB

.data Size: 21KB - Virtual size: 20KB

BSS Size: 42KB - Virtual size: 41KB

text Size: 512B - Virtual size: 56B

.edata Size: 512B - Virtual size: 24B

DATA Size: 1KB - Virtual size: 1KB

INIT Size: 7KB - Virtual size: 7KB

.tls Size: 2KB - Virtual size: 1KB

.rsrc Size: 17KB - Virtual size: 16KB

CODE
Size: 69KB - Virtual size: 69KB

.rdata
Size: 48KB - Virtual size: 47KB

.data
Size: 21KB - Virtual size: 20KB

BSS
Size: 42KB - Virtual size: 41KB

text
Size: 512B - Virtual size: 56B

.edata
Size: 512B - Virtual size: 24B

DATA
Size: 1KB - Virtual size: 1KB

INIT
Size: 7KB - Virtual size: 7KB

.tls
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 17KB - Virtual size: 16KB