0b94c60302bd2355f3bd69a0cf5aa676_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0b94c60302bd2355f3bd69a0cf5aa676_JaffaCakes118
Size

97KB
MD5

0b94c60302bd2355f3bd69a0cf5aa676
SHA1

845fcc15fa291c8ec91eb1d4ec380dd7627f3547
SHA256

07df5b4f1c082407e846ff49f7d905def45a72248eb113db41193816294cb03a
SHA512

7fbd19a5be8a4ab1123a5a4665818cc5c5c922d7f9dc54f5bfb15fbf804675a801fb23441f9a76eb1f563b041afc27cabcca31c3e0aa5bd275dbbbad32998d5c
SSDEEP

1536:vil6O7cg1Uu5ERf6WS0F12lC5cycAfeQowignvv0UZ8CgnAsERzM1fRXFum3Fb:bO795ERfzSlC5cyp3vv4CkIARVf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b94c60302bd2355f3bd69a0cf5aa676_JaffaCakes118

Files

0b94c60302bd2355f3bd69a0cf5aa676_JaffaCakes118
.exe windows:5 windows x86 arch:x86

dbb60e67b2874ae14f875e7dc0264428

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GlobalFree
VirtualAllocEx
UnhandledExceptionFilter
ExitProcess
OpenProcess
FindClose
QueryPerformanceCounter
DisableThreadLibraryCalls
GetCurrentDirectoryA
WritePrivateProfileStringA
GetOEMCP
GetStringTypeA
IsValidCodePage
GetVersion
Sleep
GetDateFormatA
GetCPInfo
GetCurrentProcess
GetStartupInfoA
IsBadCodePtr
DuplicateHandle
GetACP
GetTickCount
GetUserDefaultLCID
DeleteFileW

shell32

ShellExecuteW
SHGetDesktopFolder
SHGetPathFromIDListW
SHGetPathFromIDList
DragAcceptFiles
DragFinish
ShellExecuteA
ExtractIconExA

advapi32

AddAccessAllowedAce
SetSecurityDescriptorDacl
RegEnumValueW
RegDeleteKeyA
InitializeSecurityDescriptor
CopySid
CryptGenRandom
RegSetValueExA

msvcrt

puts
strlen
malloc
strcspn
calloc
vsprintf
iswspace
localeconv
_getch

comctl32

ImageList_GetIcon
ImageList_DrawEx
ImageList_Create
CreatePropertySheetPageA
CreateStatusWindowA
InitCommonControls
ImageList_SetIconSize
ImageList_SetImageCount
DestroyPropertySheetPage

gdi32

CreateBrushIndirect
GetBkMode
Escape
SetROP2
CreateEnhMetaFileA
SetViewportOrgEx
PlayMetaFileRecord
GetTextFaceW
GetCharWidthA
CreateRectRgn
GetViewportExtEx
SetBrushOrgEx
SetViewportExtEx
CreateRoundRectRgn
CreateDCW
GetOutlineTextMetricsA
TextOutA
PolyDraw

user32

SendDlgItemMessageA
wsprintfA
SetWindowTextA
ShowCursor
GetSysColor
EndPaint
GetWindowRect
UpdateWindow

oleaut32

SafeArrayPtrOfIndex
SysFreeString
LoadTypeLib
SafeArrayCreate
SetErrorInfo
VariantInit
SafeArrayGetElement
GetActiveObject
SysReAllocStringLen
SysStringByteLen

ole32

DoDragDrop
CoCreateInstance
CoRegisterMessageFilter
CoGetInterfaceAndReleaseStream
CreateStreamOnHGlobal
StringFromCLSID
StgOpenStorageOnILockBytes
StgOpenStorage

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dbb60e67b2874ae14f875e7dc0264428

Headers

File Characteristics

Imports

kernel32

shell32

advapi32

msvcrt

comctl32

gdi32

user32

oleaut32

ole32

Sections

.text Size: 37KB - Virtual size: 37KB

.data Size: 45KB - Virtual size: 44KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 37KB - Virtual size: 37KB

.data
Size: 45KB - Virtual size: 44KB

.rsrc
Size: 14KB - Virtual size: 13KB