0f95a376bbd6e80a714f4bdea98f909f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0f95a376bbd6e80a714f4bdea98f909f_JaffaCakes118
Size

147KB
MD5

0f95a376bbd6e80a714f4bdea98f909f
SHA1

68b174bf199577c688a2b67ffab6f5fd90479d00
SHA256

77494839a8919aaf21314b36d74146cfb6e4be3a710bd91b9baf0eb9abf75066
SHA512

f3af4011ca2bb93d6e76a11d442975bbd1b12b07133ffc4a07d3867841a49d191adc72e9f563643bb19b3d78e45c0b321137cda2a36c7f55cc4a189e55e42a54
SSDEEP

1536:7TRIN/fDZKnXfBepD7Dt0HddHPvCvwx7hLjg3ffmB63lGin72l2iSPHheik/7S+n:71UfYZMoa4x7xjgWgV578gfb3honmYAU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f95a376bbd6e80a714f4bdea98f909f_JaffaCakes118

Files

0f95a376bbd6e80a714f4bdea98f909f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2cdef6b14a032772a563c87cb7b6aa69

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetEnvironmentStrings
GlobalLock
WaitForSingleObject
GetModuleHandleA
SetErrorMode
RaiseException
GetStartupInfoA
lstrcmpiW
VirtualProtect
GetDiskFreeSpaceA
GetSystemDirectoryW
GetStartupInfoW

msvcrt

_except_handler3
_acmdln
_initterm
_XcptFilter
qsort
__set_app_type
_isctype
__getmainargs
log
_adjust_fdiv
__p__fmode
__p__commode
exit
__setusermatherr

user32

PtInRect
GetMenuItemID
ReleaseCapture
GetDlgItem
FrameRect
GetParent
GetCursorPos
InflateRect
ShowCursor
WindowFromPoint
SetClassLongA
CreateMenu
GetSystemMetrics
SetMenu

ole32

DoDragDrop
RegisterDragDrop
CoUninitialize
CoReleaseMarshalData
CoRegisterMessageFilter
IsAccelerator
CoRevokeClassObject

version

GetFileVersionInfoA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
VerInstallFileA
VerInstallFileW
VerQueryValueA
VerLanguageNameA

comctl32

ImageList_SetDragCursorImage
CreateToolbarEx
InitializeFlatSB
ImageList_LoadImageW
DestroyPropertySheetPage
ImageList_BeginDrag
PropertySheetA
ImageList_Replace
ImageList_Draw

shell32

SHAppBarMessage
ShellExecuteW
SHAddToRecentDocs
DragQueryFileW
SHGetSpecialFolderPathW
Shell_NotifyIconA
SHGetFolderLocation
SHGetFolderPathW
SHGetFolderPathA
SHFileOperationW
ExtractIconA

gdi32

CreateEnhMetaFileA
AbortDoc
CreateSolidBrush
SetColorAdjustment
SetViewportExtEx
SetBkColor
GetDeviceCaps
AddFontResourceA

advapi32

CryptCreateHash
CryptAcquireContextA
AdjustTokenPrivileges
SetSecurityDescriptorOwner
RegEnumKeyExA
RegDeleteKeyA
RegQueryInfoKeyW
RegQueryInfoKeyA
GetSecurityDescriptorDacl
GetLengthSid
RegSetValueExA
CloseServiceHandle

oleaut32

VariantCopy
SafeArrayUnaccessData
SafeArrayRedim
SysReAllocStringLen
CreateErrorInfo
VariantCopyInd
VariantClear
SafeArrayCreate
GetErrorInfo
SysStringByteLen

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2cdef6b14a032772a563c87cb7b6aa69

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

ole32

version

comctl32

shell32

gdi32

advapi32

oleaut32

Sections

.text Size: 64KB - Virtual size: 64KB

.data Size: 48KB - Virtual size: 48KB

.rsrc Size: 34KB - Virtual size: 114KB

.text
Size: 64KB - Virtual size: 64KB

.data
Size: 48KB - Virtual size: 48KB

.rsrc
Size: 34KB - Virtual size: 114KB