0a6726f946438dec1cc116326ec872e5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0a6726f946438dec1cc116326ec872e5_JaffaCakes118
Size

213KB
MD5

0a6726f946438dec1cc116326ec872e5
SHA1

fcf116386632866c2c8d8011d6d99c06411216dc
SHA256

f09a0bf872d48937851f14ffed29c92c6a62f16c31fe20bf7ca061e83889cb11
SHA512

5f25ae8c0ce8dd344b868dcdf49d09b65de729969b9ceabd41c385254e6779e4bb110b2085ba00aecf9c356c9b28a00e70eb925fd3b27c27bb0181a86a9165b3
SSDEEP

3072:Elkn00s7vqlDyHrVK2f8VoEmY8bHozXSXprsugJmqN6wEdRmA:Ela0JC4K2fiolSXSZrsnJmnw4RD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a6726f946438dec1cc116326ec872e5_JaffaCakes118

Files

0a6726f946438dec1cc116326ec872e5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

283f8ff138781352bd79f57abba73d9c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
CryptCreateHash
EqualSid
RegDeleteKeyW
RegOpenKeyW
RevertToSelf

gdi32

AddFontResourceA
Arc
CloseMetaFile
CreateDCA
CreateFontW
Ellipse
EndPage
EnumMetaFile
Escape
GetTextAlign
GetTextExtentPointA
GetTextFaceW
GetTextMetricsA
PtVisible
SetMapMode
SetMetaFileBitsEx
SetTextCharacterExtra
SetViewportOrgEx
StretchBlt

kernel32

ExitThread
FindNextFileW
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetFileSize
GetFullPathNameA
GetStringTypeA
GetSystemTime
GetSystemTimeAsFileTime
GlobalFindAtomA
GlobalFree
HeapFree
InterlockedDecrement
LoadLibraryW
LocalFree
RaiseException
WriteConsoleA
WritePrivateProfileStringA
lstrcatA
lstrcpynA

user32

CallNextHookEx
GetClassInfoA
GetClassNameA
GetParent
GetScrollInfo
GetSysColorBrush
GetWindowTextA
IsWindow
IsWindowVisible
SetActiveWindow
UnregisterClassA

comctl32

CreatePropertySheetPageA
CreateToolbarEx
DestroyPropertySheetPage
ImageList_Add
ImageList_Create
ImageList_DragEnter
ImageList_DragLeave
ImageList_Draw
ImageList_DrawEx
ImageList_GetDragImage
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_LoadImageW
ImageList_SetOverlayImage

ole32

CoCreateInstance
CoGetMalloc
CoInitializeEx
CoReleaseMarshalData
CoSetProxyBlanket
CoTaskMemAlloc
CoTaskMemRealloc
CreateItemMoniker
IIDFromString
OleFlushClipboard
OleInitialize
ProgIDFromCLSID
RegisterDragDrop
StringFromIID

shell32

DragFinish
DragQueryFileW
ExtractAssociatedIconW
ExtractIconA
ExtractIconW
SHAddToRecentDocs
SHBrowseForFolderW
SHFileOperationA
SHGetFileInfo
SHGetFolderPathA
SHGetMalloc
SHGetPathFromIDList
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
ShellExecuteExA
ShellExecuteExW

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

8JzN5WWX
Size: 2KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

283f8ff138781352bd79f57abba73d9c

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

user32

comctl32

ole32

shell32

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 98KB - Virtual size: 98KB

.rsrc Size: 21KB - Virtual size: 20KB

8JzN5WWX Size: 2KB - Virtual size: 120KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 98KB - Virtual size: 98KB

.rsrc
Size: 21KB - Virtual size: 20KB

8JzN5WWX
Size: 2KB - Virtual size: 120KB