0c0bcc2e11096f0c0bbb8f96cee2062b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0c0bcc2e11096f0c0bbb8f96cee2062b_JaffaCakes118
Size

1.4MB
MD5

0c0bcc2e11096f0c0bbb8f96cee2062b
SHA1

b46f63ab7be362d3785119350af48e2694e24da7
SHA256

cc1f4e45e783bb0b440fd01bfc412ba650a2239e2222932b9f9e04fc6e74bd3c
SHA512

cd8c36977d8d3bce67b71edfe32cb0de459fb2f1efb11acaf191bd202a60be8349a8a394cc75bc666e24c93bbe405a2b59a067d5f4c89137b4172b0c0078e4c7
SSDEEP

24576:bVbnQqai7depAk1Z1v6TGpH390B1fOeFWw8bejfDo3Uv2zkscbQqaHq74p6Zy:btQ+EpA0Z1v6oH3PeFWw5gksc0G0p6A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/AXION/Plugin_-_Axion_Flare_Effects.exe

Files

0c0bcc2e11096f0c0bbb8f96cee2062b_JaffaCakes118
.zip
AXION/AXIONS PARKLE/axiongs.exe
AXION/Plugin_-_Axion_Flare_Effects.exe
.exe windows:4 windows x86 arch:x86

78c751010579c51cdad3f096a3cbcc97

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA
FindExecutableA

user32

CharNextA
DefWindowProcA
GetWindowWord
SetWindowWord
BeginPaint
GetSysColor
GetClientRect
SetRect
EndPaint
RegisterClassA
OemToCharBuffA
LoadCursorA
GetLastActivePopup
ShowWindow
PostMessageA
EnableWindow
DestroyWindow
SetWindowTextA
SetForegroundWindow
SetActiveWindow
GetWindowRect
SetTimer
KillTimer
DialogBoxIndirectParamA
GetDlgItemTextA
EndDialog
SendMessageA
GetKeyState
PeekMessageA
TranslateMessage
DispatchMessageA
GetParent
SetDlgItemTextA
SendDlgItemMessageA
GetDlgItem
InvalidateRect
UpdateWindow
wsprintfA
MessageBoxA
SetCursor
GetSystemMetrics
SetWindowPos

kernel32

CreateDirectoryA
_lclose
_lopen
GlobalUnlock
RtlUnwind
GetCommandLineA
GetModuleHandleA
ExitProcess
GetACP
GetModuleFileNameA
SetErrorMode
GetVersion
LoadLibraryA
GetProcAddress
FreeLibrary
lstrcmpiA
GetWindowsDirectoryA
GetEnvironmentVariableA
LocalAlloc
LocalFree
GlobalHandle
lstrcpyA
GlobalFree
GlobalAlloc
GlobalLock
WinExec
_llseek
GetDriveTypeA
_lread
_lwrite
GetVolumeInformationA
FindClose
FindFirstFileA
GetCurrentDirectoryA
SetCurrentDirectoryA
lstrlenA
lstrcatA
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
_lcreat

gdi32

GetBkColor
SetBkColor
SetTextColor
SetTextAlign
DeleteObject
GetTextExtentPoint32A
ExtTextOutA
CreateDCA
GetDeviceCaps
CreateFontIndirectA
DeleteDC
SelectObject

advapi32

RegQueryValueA

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_winzip_
Size: 794KB - Virtual size: 796KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
AXION/axionflare.exe
AXION/axionfx.exe

Sharing

General

Malware Config

Signatures

Files

78c751010579c51cdad3f096a3cbcc97

Headers

File Characteristics

Imports

shell32

user32

kernel32

gdi32

advapi32

Sections

.text Size: 18KB - Virtual size: 18KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 3KB - Virtual size: 5KB

.rsrc Size: 1KB - Virtual size: 1KB

_winzip_ Size: 794KB - Virtual size: 796KB

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 3KB - Virtual size: 5KB

.rsrc
Size: 1KB - Virtual size: 1KB

_winzip_
Size: 794KB - Virtual size: 796KB