0fd17ef3b0e06bc596d738959e0a201c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0fd17ef3b0e06bc596d738959e0a201c_JaffaCakes118
Size

1.3MB
MD5

0fd17ef3b0e06bc596d738959e0a201c
SHA1

70fb638e9dc31267decb80f72ddaabef1fc2ea86
SHA256

98ceb347f75c8a676daa40d04b353d7380f6404c8f695814b76c3193022c1c63
SHA512

da43532ab27272b8491a3343f1e1d063820a113d5cd9d5fb3ede09ba727afa2fa5231d4cb6020849d223bf578adf0df0f98598b65f827fd9cb5ecc2c0b4ab30b
SSDEEP

24576:JQcoB0V8vsZWBKoM+M724UQUlmBq+u59OUSjnmYdN/T8wsXAqRDXJnraWM/9scac:JQcoB0V8vEAfM+9VlmBq+g9OUST/dN/L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fd17ef3b0e06bc596d738959e0a201c_JaffaCakes118

Files

0fd17ef3b0e06bc596d738959e0a201c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ea89ad72799fa4d0380449d40972b38a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetACP
lstrlenW
ReadFile
UnmapViewOfFile
LocalSize
InitializeCriticalSectionAndSpinCount
LockResource
FindResourceExW
GetTickCount
InitializeCriticalSection
GetFileAttributesW
SetFileAttributesA
GetCurrentThread
GlobalFree
LocalFree
lstrcpyW
TlsSetValue
FormatMessageW
CloseHandle
TerminateProcess
LocalUnlock
FindClose
GetLocaleInfoW
CreateFileMappingW
lstrcmpiW
GlobalUnlock
CreateFileA
WriteFile
GetUserDefaultLCID
GetModuleFileNameW
GetFileSize
GlobalHandle
VirtualProtect
CompareStringA
Sleep
InterlockedExchange
GetFileInformationByHandle
FindFirstFileW
DisableThreadLibraryCalls
GetProcessHeap
FreeLibrary
MapViewOfFile
GetTimeFormatW
GetFileType
GetModuleHandleA
HeapDestroy
GlobalLock
LocalAlloc
MulDiv
CreateEventW
GetLastError
VirtualAlloc
InterlockedIncrement
LocalLock
GetCurrentProcess
IsDebuggerPresent
GetModuleHandleW
LoadLibraryExW
SetEndOfFile
LCMapStringW
LocalReAlloc
QueryPerformanceCounter
CompareStringW
GetFullPathNameW
GetSystemTimeAsFileTime
SetLastError
LoadLibraryA
CreateFileW
GetProcAddress
GetDateFormatW
FoldStringW
FindResourceA
lstrcmpW
OpenMutexA
DeleteFileW
SetUnhandledExceptionFilter
WideCharToMultiByte
GetUserDefaultUILanguage
lstrcatW
GetCurrentThreadId
GetCurrentProcessId
GetCommandLineA
lstrcpynW
UnhandledExceptionFilter
LoadResource
ExitProcess
GetLocalTime
GetStartupInfoA
GetWindowsDirectoryA
GetCommandLineW
DeleteCriticalSection

msvcrt

wcsstr
iswctype
__setusermatherr
__getmainargs
time
_unlock
_vsnwprintf
_cexit
_c_exit
_snwprintf
_wtol
_controlfp
_adjust_fdiv
__set_app_type
_XcptFilter
exit
memmove
_acmdln
_initterm
??1type_info@@UAE@XZ
localtime
wcsncmp
_exit
__p__fmode
__p__commode
atoi
wcsncpy

user32

LoadCursorW
GetMenuState
DrawTextW
InflateRect
SetWindowLongW
CloseClipboard
GetFocus
SetFocus
DefWindowProcW
GetWindowTextA
MessageBoxA
IsDialogMessageW
SetActiveWindow
RegisterWindowMessageA
DestroyIcon
DestroyMenu
LoadAcceleratorsW
LoadImageW
IsClipboardFormatAvailable
CharNextW
CharUpperW
GetWindowRect
OpenClipboard
SetScrollPos
GetWindowLongA
PostMessageW
DestroyWindow
wsprintfW
ReleaseDC
LoadIconW
ChildWindowFromPoint
DeleteMenu
EnableMenuItem
DispatchMessageW
PeekMessageW
TranslateAcceleratorW
TranslateMessage
RegisterClassExW
LoadStringW
GetDlgItemTextW
MessageBoxW
GetForegroundWindow
GetCapture
DrawTextExW
GetKeyboardLayout
SetWindowPlacement
LoadBitmapA
GetParent
CharLowerW
GetSysColor
SetRect
CheckMenuItem
GetCursorPos
SetWindowTextW
MoveWindow
DrawTextA
IsIconic
GetDesktopWindow
GetSubMenu
PtInRect
ValidateRect
EndDialog
GetMenu
RegisterClassA
UnhookWinEvent
SetCursor
GetDlgCtrlID
GetWindowLongW
GetWindowTextW
UpdateWindow
SetDlgItemTextW
ScreenToClient
CreateWindowExW
EnableWindow
IntersectRect
GetClientRect
WinHelpW
DialogBoxParamW
SendDlgItemMessageW
PostQuitMessage
RegisterWindowMessageW
GetSystemMenu
InvalidateRect
GetMessageW
GetClassNameA
SetWinEventHook
CreateDialogParamW
GetWindowPlacement
MessageBeep
GetSystemMetrics
SendMessageW
GetDC
ShowWindow
GetDlgItem

advapi32

RegOpenKeyExA
RegCloseKey
RegCreateKeyW
RegQueryValueExA
IsTextUnicode
RegSetValueExW
RegQueryValueExW

winspool.drv

ClosePrinter
OpenPrinterW
GetPrinterDriverW

gdi32

CreateFontIndirectW
DeleteDC
SetBkMode
SelectObject
SetViewportExtEx
LPtoDP
EndPage
GetObjectW
StartDocW
GetTextFaceW
SetAbortProc
GetTextMetricsW
CreateDCW
DeleteObject
SetWindowExtEx
GetTextExtentPoint32W
GetDeviceCaps
TextOutW
StartPage
AbortDoc
EndDoc
SetMapMode
EnumFontsW
GetStockObject

comdlg32

GetSaveFileNameW
CommDlgExtendedError
ChooseFontW
ReplaceTextW
GetFileTitleW
GetOpenFileNameW
PrintDlgExW
PageSetupDlgW
FindTextW

shell32

DragFinish
ShellAboutW
DragQueryFileW
DragAcceptFiles

comctl32

CreateStatusWindowW

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 270KB - Virtual size: 6.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea89ad72799fa4d0380449d40972b38a

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

advapi32

winspool.drv

gdi32

comdlg32

shell32

comctl32

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.data Size: 270KB - Virtual size: 6.8MB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 270KB - Virtual size: 6.8MB

.rsrc
Size: 15KB - Virtual size: 15KB