0a3bcdf62ca4331e1107fa65c1b406b1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0a3bcdf62ca4331e1107fa65c1b406b1_JaffaCakes118
Size

504KB
MD5

0a3bcdf62ca4331e1107fa65c1b406b1
SHA1

31a1db35c4885bbadef0f0362256c807a0322761
SHA256

13a84b1ba7bb72a6ea355ff36c65730d50bae2b3b8800bf91676d197fade763d
SHA512

f2ad8fd9a489a889f4984c48e202a9a44341a0c761f56c0f798c86a342f589bd53cf62abc1136ed4018be277178e8402d46eb9493d8743c7879eb0ef37295948
SSDEEP

12288:H79y9ucj7ffzJVwoV/G3cqWcVeDgYRMY3XUlAxHgHoSS:H70ucj73ddtqT0TMqdxyS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a3bcdf62ca4331e1107fa65c1b406b1_JaffaCakes118

Files

0a3bcdf62ca4331e1107fa65c1b406b1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

17a0b52e23052e701c3b6216cfd665ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

Rectangle
GetTextExtentPoint32A
SelectObject
SetBkMode
GetStockObject
SetTextColor
CreateSolidBrush

comdlg32

GetFileTitleA

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetFileInfoA
SHGetDesktopFolder
SHGetSpecialFolderLocation
ShellExecuteA

kernel32

FlushFileBuffers
GetFullPathNameA
lstrcatA
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
FreeLibrary
GetModuleHandleA
LoadLibraryA
GetProcAddress
SetCurrentDirectoryA
GetTempPathA
lstrcpyA
GetLogicalDrives
GetModuleFileNameA
WideCharToMultiByte
GetLastError
SystemTimeToFileTime
GetSystemTime
CompareFileTime
GetCommandLineA
InitializeCriticalSection
MultiByteToWideChar
lstrlenA
WriteProfileStringA
GetShortPathNameA
CreateDirectoryA
DeleteFileA
GetDiskFreeSpaceA
GetTempFileNameA
CreateFileA
GetStdHandle
ReadFile
WriteFile
CloseHandle
SetEndOfFile
SetFilePointer
GetFileAttributesA
DeviceIoControl
GetVersionExA
SetFileAttributesA
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetFileTime
FileTimeToDosDateTime
FileTimeToLocalFileTime
SetFileTime
SetVolumeLabelA
FindFirstFileA
FindNextFileA
FindClose
GetVolumeInformationA
GetDriveTypeA
GetLocaleInfoA
HeapFree
RtlUnwind
HeapAlloc
RaiseException
ExitProcess
TerminateProcess
GetTimeZoneInformation
GetLocalTime
MoveFileA
GetStartupInfoA
GetVersion
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
HeapSize
GetCPInfo
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA

user32

GetClientRect
SystemParametersInfoA
MapWindowPoints
SetWindowPos
GetWindow
GetWindowLongA
RegisterClassExA
wsprintfA
LoadCursorA
GetParent
IsDlgButtonChecked
GetClassInfoExA
SendMessageA
DialogBoxParamA
SendDlgItemMessageA
DestroyMenu
TrackPopupMenu
SetWindowTextA
EndDialog
DispatchMessageA
GetMessageA
CheckDlgButton
LoadStringA
LoadIconA
UpdateWindow
SetWindowLongA
CreateWindowExA
IsWindow
ClientToScreen
GetWindowTextA
ReleaseCapture
SetCursor
SetCapture
CallWindowProcA
MessageBoxA
IsWindowEnabled
GetSysColor
InvalidateRect
EndPaint
DrawTextA
BeginPaint
DdeConnect
DdeCreateStringHandleA
DdeInitializeA
DdeUninitialize
DdeFreeStringHandle
DdeDisconnect
TranslateMessage
IsDialogMessageA
PeekMessageA
DdeGetLastError
DdeClientTransaction
CharToOemBuffA
OemToCharBuffA
EnableWindow
SetFocus
GetDlgItemTextA
SetDlgItemTextA
PostQuitMessage
DefWindowProcA
GetCursorPos
GetWindowRect
ScreenToClient
ShowWindow
PostMessageA
GetDlgItem
CreatePopupMenu
RegisterClassA

advapi32

RegQueryValueExA
RegCloseKey
RegDeleteKeyA
RegQueryValueA
RegOpenKeyExA
RegSetValueA
RegCreateKeyA
RegEnumKeyExA

ole32

CoUninitialize
CoInitialize

Sections

.text
Size: - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pklstb
Size: 116KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.relo2
Size: 4KB - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

17a0b52e23052e701c3b6216cfd665ef

Headers

File Characteristics

Imports

gdi32

comdlg32

shell32

kernel32

user32

advapi32

ole32

Sections

.text Size: - Virtual size: 158KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: - Virtual size: 51KB

.rsrc Size: 8KB - Virtual size: 16KB

.pklstb Size: 116KB - Virtual size: 132KB

.relo2 Size: 4KB - Virtual size: 60B

.text
Size: - Virtual size: 158KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: - Virtual size: 51KB

.rsrc
Size: 8KB - Virtual size: 16KB

.pklstb
Size: 116KB - Virtual size: 132KB

.relo2
Size: 4KB - Virtual size: 60B