Static task
static1
Behavioral task
behavioral1
Sample
0fbf6700ba521a61b09383847779e477_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
0fbf6700ba521a61b09383847779e477_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
Target
0fbf6700ba521a61b09383847779e477_JaffaCakes118
Size
453KB
MD5
0fbf6700ba521a61b09383847779e477
SHA1
e613a102561a51b5a5431b84fb9c0ec313e887aa
SHA256
e0ba67f4344b20c8d24c1a1d06310a80915a13d083e97ae66b74f9cd18599972
SHA512
9ad53b6e201894b7f3f3fa926d12703a6ffdfc4dd2bddf9ac1cf9eebe411ffd5f979746e09c819b6b10413315b5de781bf9c61b52331ffd87b606bf28e28a8ac
SSDEEP
6144:WDVROl91VXD3mQUbd7QIqinAqKA1u4aug9RRAe2mThFs0D2jxhyNXZp9:+U91RmBbiI7nAqKfFugnAJ82jxW
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0fbf6700ba521a61b09383847779e477_JaffaCakes118
Files
0fbf6700ba521a61b09383847779e477_JaffaCakes118.exe windows:4 windows x86 arch:x86
26b6d19c108ecf9d07b3c2914cc00a0a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
GetCurrentProcess
DosDateTimeToFileTime
GetSystemTime
SetHandleCount
CompareStringW
GetStringTypeW
GetCurrentThreadId
LCMapStringA
HeapReAlloc
IsValidCodePage
GetSystemTimeAsFileTime
GetDateFormatA
QueryPerformanceCounter
IsDebuggerPresent
MultiByteToWideChar
GetTimeFormatA
SetConsoleCtrlHandler
TerminateProcess
GetCPInfo
InterlockedIncrement
ReadConsoleOutputCharacterW
FreeEnvironmentStringsW
WriteFile
HeapFree
FreeLibrary
HeapAlloc
GetEnvironmentStringsW
GetStringTypeA
GetModuleFileNameA
HeapDestroy
ExitProcess
UnmapViewOfFile
SetEnvironmentVariableA
TlsGetValue
LoadLibraryA
WideCharToMultiByte
TlsAlloc
GetUserDefaultLCID
GetStartupInfoA
GetCommandLineA
FreeEnvironmentStringsA
InterlockedDecrement
UnhandledExceptionFilter
GetACP
TlsSetValue
CompareStringA
EnumSystemLocalesA
GetUserDefaultLangID
GetStdHandle
HeapCreate
EnterCriticalSection
GetCurrentThread
ReadConsoleOutputW
LeaveCriticalSection
GetTimeZoneInformation
GetFileType
VirtualAlloc
WaitForSingleObject
LCMapStringW
VirtualQuery
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
GetLocaleInfoA
SetLastError
SetUnhandledExceptionFilter
HeapSize
GetCurrentProcessId
GetModuleHandleW
InterlockedExchange
TlsFree
GetExitCodeThread
GetEnvironmentStrings
GetTickCount
RtlUnwind
Sleep
GetProcAddress
VirtualFree
GetOEMCP
WaitNamedPipeA
IsValidLocale
GetLocaleInfoW
shell32
SHFileOperationW
wininet
GetUrlCacheHeaderData
FtpGetFileA
CommitUrlCacheEntryW
comdlg32
GetOpenFileNameA
FindTextW
GetFileTitleW
ChooseFontW
user32
BeginDeferWindowPos
CreateDesktopW
SetSystemCursor
EnumPropsW
ToAscii
DragDetect
DeleteMenu
IsCharLowerA
DdeSetQualityOfService
AppendMenuA
DdeCreateDataHandle
SetTimer
InflateRect
TabbedTextOutW
DdeAccessData
SetUserObjectInformationA
CreateWindowExA
VkKeyScanExW
InSendMessageEx
CreateWindowStationA
advapi32
RegDeleteKeyW
CryptSetHashParam
RegEnumKeyExA
RegCreateKeyA
CryptEnumProvidersW
RegOpenKeyExA
CryptDuplicateHash
CryptDestroyHash
DuplicateToken
CryptSignHashA
CryptVerifySignatureA
RegReplaceKeyW
GetUserNameA
RegSetValueExA
LookupPrivilegeNameA
LookupPrivilegeValueA
RegNotifyChangeKeyValue
CryptGetProvParam
InitializeSecurityDescriptor
Sections
.text Size: 145KB - Virtual size: 145KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 9KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 284KB - Virtual size: 284KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ