0c02025723961ca7d148654712cc1d78_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0c02025723961ca7d148654712cc1d78_JaffaCakes118
Size

780KB
MD5

0c02025723961ca7d148654712cc1d78
SHA1

3bdb8dd9ed965000ec2f6c0612e241f304be5d2c
SHA256

58e04e271ad9fb7d4e8a1efb95c31ba3d44e75ca3d4c4b1baf38ce5f21e7cbad
SHA512

5866a1d320ea8b0b5adbe453086c39eeeff9c92cc4de57b5b515c254ea5ea6443174838b78c26767b622221ac2017f9d0bc62c1414ebcbfd1d4f2abd43af707c
SSDEEP

24576:GjKCPHoq845p8LpCtbos+DGMs5uMVmVnkieezwo:fCPIqlpJbohPQSkho

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c02025723961ca7d148654712cc1d78_JaffaCakes118

Files

0c02025723961ca7d148654712cc1d78_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2fd329681704c7af664fd529a1debe4b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\oeho\abd\ututdtsh\xyheoowgb.pdb

Imports

ole32

OleCreateFromData
OleIsCurrentClipboard
OleRegGetMiscStatus
CoLockObjectExternal
CoTreatAsClass
CoTaskMemAlloc
WriteFmtUserTypeStg
OleRegEnumVerbs
CLSIDFromProgID
ReadFmtUserTypeStg
CoCreateInstance
SetConvertStg
OleSetClipboard
ReadClassStg

comctl32

_TrackMouseEvent
ord17
InitCommonControlsEx
ImageList_Destroy
CreateToolbarEx

advapi32

GetSidIdentifierAuthority
RegOpenKeyA
RegDeleteValueA
RegCreateKeyA
RegQueryInfoKeyA
FreeSid
RegOpenKeyExA
CloseServiceHandle
GetSidSubAuthority
OpenProcessToken
RegSetValueExA
RegEnumValueA
RegEnumKeyA
RegQueryValueExA
OpenSCManagerA
RegCreateKeyExA
GetLengthSid
GetTokenInformation
RegCloseKey
GetUserNameA
OpenServiceA
RegDeleteKeyA

mfc42

ord1576

kernel32

GetOEMCP
GetEnvironmentStringsW
GetModuleFileNameW
GetCurrentThreadId
HeapFree
GetConsoleMode
GetStdHandle
GetSystemTimeAsFileTime
LoadLibraryW
GetTickCount
GetLastError
HeapSize
GetACP
GetModuleFileNameA
IsValidCodePage
SetEnvironmentVariableA
CreateMutexW
FlushFileBuffers
EnterCriticalSection
SetFilePointer
GetTimeFormatA
WriteFile
UnhandledExceptionFilter
GetCurrentProcessId
GetCPInfo
TerminateProcess
GetLocaleInfoA
GetFileType
SetHandleCount
RtlUnwind
CloseHandle
CompareStringW
GetProcAddress
HeapAlloc
FreeEnvironmentStringsW
LoadLibraryA
WriteConsoleA
GetStartupInfoA
TlsFree
GetConsoleOutputCP
GetStringTypeW
GetConsoleCP
QueryPerformanceCounter
CreateFileA
LeaveCriticalSection
GetStringTypeA
MultiByteToWideChar
GetDateFormatA
VirtualAlloc
HeapReAlloc
LCMapStringA
GetStartupInfoW
InitializeCriticalSectionAndSpinCount
SetStdHandle
ReadFile
WriteConsoleW
SetUnhandledExceptionFilter
IsDebuggerPresent
GetTimeZoneInformation
GetModuleHandleW
HeapCreate
TlsAlloc
TlsGetValue
GetCurrentProcess
GetCommandLineW
InterlockedExchange
DeleteCriticalSection
SetLastError
RaiseException
WideCharToMultiByte
VirtualFree
CompareStringA
TlsSetValue
ExitProcess
LCMapStringW
Sleep
InterlockedIncrement
GetModuleHandleA
InterlockedDecrement
VirtualQuery

gdi32

CreateCompatibleDC
SetTextAlign
GetTextMetricsW
PtInRegion
GetCharABCWidthsW
SetTextColor
DeleteObject
ExtCreateRegion

winspool.drv

EnumPrintersW
OpenPrinterW
GetJobW
ord204
DocumentPropertiesW
ClosePrinter

user32

PtInRect
GetDlgItem
LoadStringW
GetSubMenu
EndDeferWindowPos
EnableMenuItem
SetDlgItemInt
RegisterClassW
SetFocus
GetClassInfoExW
LoadAcceleratorsW
SetTimer
DestroyIcon
CopyIcon
SetMenuItemBitmaps
LoadIconW
GetSystemMenu
GetTopWindow
RemoveMenu
GetSysColor
SetWindowPos
ShowOwnedPopups
GetDC
DrawEdge
BeginDeferWindowPos
MapWindowPoints
DispatchMessageW
GetCapture
SetRect
OffsetRect
IsChild
SetActiveWindow
GetWindowRect
CallWindowProcW
SendMessageW
MessageBoxW
TranslateMessage
GetDlgCtrlID
GetClassInfoW
GetNextDlgTabItem
GetParent
PostThreadMessageW
UpdateWindow
IsRectEmpty
RedrawWindow
ScreenToClient
GetSysColorBrush
EmptyClipboard
GetKeyState
ShowWindow
LoadBitmapW
SetScrollPos
RegisterClassExW
TrackPopupMenu
BringWindowToTop
DestroyAcceleratorTable
WaitMessage
EndPaint
CreateMenu
GetMessagePos
InvalidateRect
MessageBeep
IsZoomed
DrawTextExW
SetParent
EqualRect
ClientToScreen
LoadCursorW
TrackMouseEvent
SetCursor
GetWindowThreadProcessId
BeginPaint

Sections

.text
Size: 120KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 476KB - Virtual size: 474KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2fd329681704c7af664fd529a1debe4b

Headers

File Characteristics

PDB Paths

Imports

ole32

comctl32

advapi32

mfc42

kernel32

gdi32

winspool.drv

user32

Sections

.text Size: 120KB - Virtual size: 116KB

.rdata Size: 476KB - Virtual size: 474KB

.data Size: 108KB - Virtual size: 116KB

.rsrc Size: 72KB - Virtual size: 70KB

.text
Size: 120KB - Virtual size: 116KB

.rdata
Size: 476KB - Virtual size: 474KB

.data
Size: 108KB - Virtual size: 116KB

.rsrc
Size: 72KB - Virtual size: 70KB