0c0fab74282c65eccde5db2c86430bf1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0c0fab74282c65eccde5db2c86430bf1_JaffaCakes118
Size

2.4MB
MD5

0c0fab74282c65eccde5db2c86430bf1
SHA1

3f899b80d6e18beacecea6bc8c4dda8d1f6b66c4
SHA256

726d7c8d4e64d97ff7a5a5e012193732eef2749ada29ea748026b18a673be3c4
SHA512

9bec01116f4da0e070dfe28b812972a7e065080c85916e2dad4d9ef63e966bb5acca57c63f47f4060ebcbac422ee311ed42fc7bfdaf7cc5b5ce48d3563d72eb3
SSDEEP

49152:qcYFh0lCfvirhKgAk1TM6ZmLZXsEG2S85eEYd+ZTk8A915J:qczCick1ThmVmM5AslA97J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c0fab74282c65eccde5db2c86430bf1_JaffaCakes118

Files

0c0fab74282c65eccde5db2c86430bf1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

439967a6f4001eaef2c61c5da7943f75

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetGlyphOutlineW
GetNearestPaletteIndex
CreateFontIndirectA
GetPixel
GetWindowOrgEx
EndDoc
SetLayout
GetObjectW
GetTextExtentPointA
Polygon
ExtCreateRegion
PtInRegion
CreateFontIndirectW
DeleteDC
GetFontData
GetTextCharsetInfo
CreateBrushIndirect
EnumFontsW
StretchDIBits
CreateCompatibleDC
CreateICW
GetCurrentObject
ResizePalette
SetMapMode

winspool.drv

DeletePortA
DeleteMonitorA

msvcrt

ungetc
iswprint
printf
wcsncat
wcscmp
isalnum
wcsncmp
strtol
isspace
fflush
fwrite

kernel32

FormatMessageW
WritePrivateProfileStringW
GetShortPathNameA
IsDBCSLeadByteEx
GetLongPathNameW
SizeofResource
CreateEventW
CancelIo
SetCurrentDirectoryA
GetCurrentProcessId
GlobalAddAtomW
GetCalendarInfoW
Sleep
VirtualFree
GetTickCount
HeapReAlloc
GetModuleHandleW
EnumResourceNamesW
GetFileAttributesExA
SetFilePointerEx
GetTempFileNameW
GetDriveTypeW
FreeEnvironmentStringsA
OpenWaitableTimerW
LoadLibraryExW
CreateRemoteThread

comdlg32

GetSaveFileNameW
ChooseFontW
ChooseColorW
GetOpenFileNameW
FindTextW
GetSaveFileNameA
ReplaceTextW
CommDlgExtendedError
GetFileTitleW
PageSetupDlgW
PrintDlgW

shlwapi

StrNCatW

user32

LoadMenuW
GetMenu
GetClipCursor
DlgDirSelectExA
ChangeMenuA
ToAscii
GetMenuItemID
EnumPropsExA
SetWindowRgn
DestroyAcceleratorTable
DispatchMessageW
GetUpdateRgn
GetWindowLongA
ScrollWindow
GetMenuItemInfoA
FrameRect
GetWindowRect
SetUserObjectInformationW
PostThreadMessageW
GetCursor
GetMenuInfo
GetClassLongW
EqualRect
CharNextW
HiliteMenuItem
IsRectEmpty
DrawMenuBar

Exports

Exports

_JzQ_DjuwM_rFew@4
_YiPhu_euy_rlfi@8
_OeNpo_vrzc_gIQ@12
_OYY_qcq_yexpm_i@12
_SlWd_rxo_jzxq_jp@12

Sections

.code
Size: 1024B - Virtual size: 6.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.temp
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

439967a6f4001eaef2c61c5da7943f75

Headers

File Characteristics

Imports

gdi32

winspool.drv

msvcrt

kernel32

comdlg32

shlwapi

user32

Exports

Exports

Sections

.code Size: 1024B - Virtual size: 6.5MB

.text Size: 30KB - Virtual size: 30KB

.rdata Size: 7KB - Virtual size: 7KB

.temp Size: 512B - Virtual size: 512B

.rsrc Size: 2.4MB - Virtual size: 2.4MB

.reloc Size: 3KB - Virtual size: 2KB

.code
Size: 1024B - Virtual size: 6.5MB

.text
Size: 30KB - Virtual size: 30KB

.rdata
Size: 7KB - Virtual size: 7KB

.temp
Size: 512B - Virtual size: 512B

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

.reloc
Size: 3KB - Virtual size: 2KB