Static task: static1
Behavioral task: behavioral1
Sample: 0bea0763116e8d0f0166194de6247169_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 0bea0763116e8d0f0166194de6247169_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
- Target: 0bea0763116e8d0f0166194de6247169_JaffaCakes118
- Size: 402KB
- MD5: 0bea0763116e8d0f0166194de6247169
- SHA1: 4d14d4bb39fabf7687399e96ceaccf97e3be2d3d
- SHA256: 3794fbe5aeea455ed2758019af6335ab9f898971dc52764b59774df878d1aea3
- SHA512: 3b91471d5d71f597044635b473a10c0a7674e3c8501f2eb03f781ceaff2f94abe621cdd4160771afb3c51f31364918dd36a75da0f820ca3d18ded8a12213b648
- SSDEEP: 12288:7CqAz0PwLhuKNbnlERDYJdqdiwjecqN14m:7DAz0NKLERDYXyiwj01
Malware Config
Signatures
- Unsigned PE (1 IoCs): checks for missing Authenticode signature.
  resource: 0bea0763116e8d0f0166194de6247169_JaffaCakes118
Files
- 0bea0763116e8d0f0166194de6247169_JaffaCakes118.exe windows:4 windows x86 arch:x86
  bd53d0c978c8f9a0142edc16f917546a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
AddAtomA
AddAtomW
AllocConsole
AllocateUserPhysicalPages
AreFileApisANSI
AssignProcessToJobObject
BackupRead
BackupSeek
BackupWrite
Beep
BeginUpdateResourceA
BeginUpdateResourceW
BuildCommDCBA
BuildCommDCBAndTimeoutsA
BuildCommDCBAndTimeoutsW
BuildCommDCBW
CallNamedPipeA
CallNamedPipeW
CancelWaitableTimer
ChangeTimerQueueTimer
ClearCommBreak
ClearCommError
CloseHandle
CommConfigDialogA
CommConfigDialogW
CompareFileTime
CompareStringA
CompareStringW
ConnectNamedPipe
ContinueDebugEvent
ConvertDefaultLocale
ConvertThreadToFiber
CopyFileA
CopyFileExA
CopyFileExW
CopyFileW
CreateConsoleScreenBuffer
CreateDirectoryA
CreateDirectoryExA
CreateDirectoryExW
CreateEventA
CreateEventW
CreateFiber
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateHardLinkW
CreateIoCompletionPort
CreateJobObjectA
CreateJobObjectW
CreateMailslotA
CreateMailslotW
CreateMutexA
CreateMutexW
CreateNamedPipeA
CreateNamedPipeW
CreatePipe
CreateProcessA
CreateRemoteThread
CreateSemaphoreA
CreateSemaphoreW
CreateTapePartition
CreateThread
CreateTimerQueue
CreateTimerQueueTimer
CreateWaitableTimerA
CreateWaitableTimerW
DebugActiveProcess
DebugBreak
DefineDosDeviceA
DefineDosDeviceW
DeleteAtom
DeleteCriticalSection
DeleteFiber
DeleteFileA
DeleteFileW
DeleteTimerQueue
DeleteTimerQueueEx
DeleteTimerQueueTimer
DeleteVolumeMountPointA
DeleteVolumeMountPointW
DeviceIoControl
DisableThreadLibraryCalls
DisconnectNamedPipe
DnsHostnameToComputerNameA
DnsHostnameToComputerNameW
DosDateTimeToFileTime
DuplicateHandle
EndUpdateResourceA
EndUpdateResourceW
EnterCriticalSection
EnumCalendarInfoA
EnumCalendarInfoExW
EnumCalendarInfoW
EnumDateFormatsA
EnumDateFormatsExA
EnumDateFormatsExW
EnumDateFormatsW
EnumLanguageGroupLocalesA
EnumLanguageGroupLocalesW
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceNamesA
EnumResourceNamesW
EnumResourceTypesA
EnumSystemCodePagesA
EnumSystemCodePagesW
EnumSystemLanguageGroupsA
EnumSystemLanguageGroupsW
EnumSystemLocalesA
EnumSystemLocalesW
EnumTimeFormatsA
EnumTimeFormatsW
EnumUILanguagesA
EnumUILanguagesW
EraseTape
EscapeCommFunction
ExitProcess
ExitThread
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
FatalAppExitA
FatalAppExitW
FatalExit
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FillConsoleOutputAttribute
FillConsoleOutputCharacterW
FindAtomW
FindClose
FindFirstChangeNotificationA
FindFirstChangeNotificationW
FindFirstFileA
FindFirstFileExW
FindFirstFileW
FindFirstVolumeA
FindFirstVolumeMountPointA
FindFirstVolumeMountPointW
FindFirstVolumeW
FindNextChangeNotification
FindNextFileA
FindNextFileW
FindNextVolumeA
FindNextVolumeMountPointA
FindNextVolumeMountPointW
FindNextVolumeW
FindResourceA
FindResourceExA
FindResourceExW
FindResourceW
FindVolumeClose
FindVolumeMountPointClose
FlushConsoleInputBuffer
FlushFileBuffers
FlushInstructionCache
FlushViewOfFile
FoldStringA
FoldStringW
FormatMessageA
FormatMessageW
FreeConsole
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
FreeResource
GenerateConsoleCtrlEvent
GetAtomNameA
GetAtomNameW
GetBinaryTypeA
GetBinaryTypeW
GetCPInfo
GetCPInfoExA
GetCPInfoExW
GetCalendarInfoA
GetCalendarInfoW
GetCommMask
GetCommModemStatus
GetCommState
GetCommTimeouts
GetCommandLineA
GetCommandLineW
GetCompressedFileSizeA
GetCompressedFileSizeW
GetComputerNameA
GetComputerNameExA
GetComputerNameExW
GetComputerNameW
GetConsoleCP
GetConsoleCursorInfo
GetConsoleMode
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetConsoleTitleA
GetConsoleTitleW
GetCurrencyFormatA
GetCurrencyFormatW
GetCurrentDirectoryA
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetDateFormatW
GetDefaultCommConfigA
GetDefaultCommConfigW
GetDevicePowerState
GetDiskFreeSpaceA
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDriveTypeA
GetEnvironmentStringsW
GetEnvironmentVariableA
GetEnvironmentVariableW
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesA
GetFileAttributesExA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileTime
GetFileType
GetFullPathNameA
GetFullPathNameW
GetHandleInformation
GetLargestConsoleWindowSize
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetLogicalDriveStringsW
GetLongPathNameA
GetMailslotInfo
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleW
GetNamedPipeHandleStateA
GetNamedPipeHandleStateW
GetNamedPipeInfo
GetNumberFormatA
GetNumberFormatW
GetNumberOfConsoleInputEvents
GetOEMCP
GetPriorityClass
GetPrivateProfileIntA
GetPrivateProfileIntW
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
GetPrivateProfileStringA
GetPrivateProfileStringW
GetPrivateProfileStructW
GetProcessAffinityMask
GetProcessHeap
GetProcessHeaps
GetProcessIoCounters
GetProcessPriorityBoost
GetProcessShutdownParameters
GetProcessTimes
GetProcessVersion
GetProcessWorkingSetSize
GetProfileIntA
GetProfileIntW
GetProfileSectionA
GetProfileSectionW
GetProfileStringA
GetProfileStringW
GetQueuedCompletionStatus
GetShortPathNameA
GetShortPathNameW
GetStartupInfoW
GetStdHandle
GetStringTypeA
GetStringTypeExA
GetStringTypeExW
GetStringTypeW
GetSystemDefaultLCID
GetSystemDefaultLangID
GetSystemDefaultUILanguage
GetSystemDirectoryA
GetSystemDirectoryW
GetSystemInfo
GetSystemPowerStatus
GetSystemTime
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetSystemWindowsDirectoryA
GetSystemWindowsDirectoryW
GetTapeParameters
GetTapePosition
GetTapeStatus
GetTempFileNameA
GetTempFileNameW
GetTempPathW
GetThreadContext
GetThreadLocale
GetThreadPriority
GetThreadSelectorEntry
GetTickCount
GetTimeFormatA
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultUILanguage
GetVersion
GetVersionExA
GetVersionExW
GetVolumeInformationA
GetVolumeInformationW
GetVolumeNameForVolumeMountPointA
GetVolumeNameForVolumeMountPointW
GetVolumePathNameA
GetVolumePathNameW
GetWindowsDirectoryA
GetWriteWatch
GlobalAddAtomA
GlobalAddAtomW
GlobalAlloc
GlobalCompact
GlobalDeleteAtom
GlobalFindAtomA
GlobalFindAtomW
GlobalFix
GlobalFlags
GlobalGetAtomNameA
GlobalLock
GlobalMemoryStatusEx
GlobalSize
GlobalUnWire
GlobalUnfix
GlobalUnlock
GlobalWire
Heap32First
Heap32ListNext
HeapAlloc
HeapCompact
HeapCreate
HeapFree
HeapLock
HeapReAlloc
HeapSize
HeapUnlock
HeapValidate
HeapWalk
InitAtomTable
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
IsBadCodePtr
IsBadHugeReadPtr
IsBadHugeWritePtr
IsBadStringPtrA
IsBadStringPtrW
IsBadWritePtr
IsDBCSLeadByte
IsDBCSLeadByteEx
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLanguageGroup
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryW
LoadModule
LoadResource
LocalAlloc
LocalCompact
LocalFileTimeToFileTime
LocalFlags
LocalFree
LocalHandle
LocalLock
LocalReAlloc
LocalShrink
LocalSize
LocalUnlock
LockFile
LockFileEx
LockResource
MapUserPhysicalPages
MapUserPhysicalPagesScatter
MapViewOfFile
MapViewOfFileEx
Module32First
Module32Next
Module32NextW
MoveFileA
MoveFileExA
MoveFileW
MoveFileWithProgressA
MoveFileWithProgressW
MulDiv
MultiByteToWideChar
OpenEventA
OpenEventW
OpenFile
OpenFileMappingA
OpenFileMappingW
OpenJobObjectA
OpenJobObjectW
OpenMutexA
OpenMutexW
OpenProcess
OpenSemaphoreA
OpenSemaphoreW
OpenThread
OpenWaitableTimerA
OpenWaitableTimerW
OutputDebugStringA
OutputDebugStringW
PeekConsoleInputW
PeekNamedPipe
PostQueuedCompletionStatus
PrepareTape
Process32First
Process32FirstW
Process32Next
Process32NextW
ProcessIdToSessionId
PulseEvent
PurgeComm
QueryDosDeviceA
QueryInformationJobObject
QueryPerformanceCounter
QueueUserAPC
QueueUserWorkItem
RaiseException
ReadConsoleA
ReadConsoleInputA
ReadConsoleInputW
ReadConsoleOutputA
ReadConsoleOutputAttribute
ReadConsoleOutputCharacterA
ReadConsoleOutputCharacterW
ReadConsoleOutputW
ReadConsoleW
ReadDirectoryChangesW
ReadFile
ReadFileEx
ReadFileScatter
ReadProcessMemory
RegisterWaitForSingleObject
RegisterWaitForSingleObjectEx
ReleaseMutex
ReleaseSemaphore
RemoveDirectoryA
RemoveDirectoryW
ReplaceFileA
ReplaceFileW
ResetEvent
ResetWriteWatch
ResumeThread
RtlFillMemory
RtlMoveMemory
RtlUnwind
RtlZeroMemory
ScrollConsoleScreenBufferA
ScrollConsoleScreenBufferW
SearchPathA
SearchPathW
SetCalendarInfoA
SetCalendarInfoW
SetCommBreak
SetCommConfig
SetCommMask
SetCommState
SetCommTimeouts
SetComputerNameA
SetComputerNameExA
SetComputerNameExW
SetComputerNameW
SetConsoleCP
SetConsoleCtrlHandler
SetConsoleCursor
SetConsoleCursorInfo
SetConsoleMode
SetConsoleOutputCP
SetConsoleScreenBufferSize
SetConsoleTextAttribute
SetConsoleTitleA
SetConsoleTitleW
SetConsoleWindowInfo
SetCriticalSectionSpinCount
SetCurrentDirectoryA
SetCurrentDirectoryW
SetDefaultCommConfigA
SetEndOfFile
SetEnvironmentVariableA
SetEnvironmentVariableW
SetErrorMode
Sections
- .text (Size: 86KB, Virtual size: 85KB): IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .data (Size: 5KB, Virtual size: 4KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc (Size: 1KB, Virtual size: 1KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .rdata (Size: 309KB, Virtual size: 312KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ