0c4c95c8c9d3e0269e1c07bd60ae99e6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0c4c95c8c9d3e0269e1c07bd60ae99e6_JaffaCakes118
Size

85KB
MD5

0c4c95c8c9d3e0269e1c07bd60ae99e6
SHA1

002307b2d71eb525aa197c1f57b15e0c7dfb09f8
SHA256

57b77e4a384cd02a8901f591effe065fc55e5d06a909e737ad9c02d35b80b60e
SHA512

0a30a7066239880de27c01ed84d878a70a0109e011a672cac90b556904b32da325be5917a6a6e2ebe7e1c696b67b6733dcf496d521b5e6948cbf012b7b3a3a3a
SSDEEP

1536:yq/+oLW30PGkqHtRPXXsIOunToIfnZHiHcrwBO2bPyAdVMes4:JLDPa2KTBfwccBOu68MeR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c4c95c8c9d3e0269e1c07bd60ae99e6_JaffaCakes118

Files

0c4c95c8c9d3e0269e1c07bd60ae99e6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f8bbb88e87f42e0160826192291b8f24

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
CreateFileA
CreateFileMappingA
MapViewOfFile
GetFileSize
WriteFile
CloseHandle
UnmapViewOfFile
WideCharToMultiByte
MultiByteToWideChar
Sleep
FindClose
GetModuleHandleA
GetModuleFileNameW
GetStartupInfoA
GetCommandLineA
ExitProcess
FormatMessageW
MoveFileW
GetDiskFreeSpaceW
GetVolumeInformationW
GetCommandLineW
LoadLibraryW
lstrcmpiW
lstrlenW
FormatMessageA
GetFileAttributesA
SetFileAttributesA
FindFirstFileA
FindNextFileA
MoveFileA
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFullPathNameA
GetDiskFreeSpaceA
GetDriveTypeA
GetVolumeInformationA
lstrcmpiA
lstrlenA
GetDriveTypeW
SetCurrentDirectoryW
GetCurrentDirectoryW
SetFileAttributesW
GetFileAttributesW
GetFullPathNameW
RemoveDirectoryW
CreateDirectoryW
DeleteFileW
CreateFileW
FindNextFileW
FindFirstFileW
SetThreadLocale
GetProcAddress
IsDBCSLeadByte
GetVersion
VirtualAlloc
VirtualFree
GetSystemDefaultLCID
LoadLibraryA

user32

TranslateAcceleratorA
DestroyWindow
EndDialog
GetWindowPlacement
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
UpdateWindow
ShowWindow
KillTimer
SetTimer
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
GetDlgItem
CheckDlgButton
IsWindowVisible
EnableWindow
BringWindowToTop
PostMessageW
SendMessageW
TranslateMessage
SetWindowPos
SetForegroundWindow
SystemParametersInfoA
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
SetActiveWindow
GetWindowTextA
SetWindowTextA
SetWindowWord
GetWindowWord
MoveWindow
GetDlgItemTextW
SetDlgItemTextW
MessageBoxW
GetWindowTextW
SetWindowTextW
GetWindowTextLengthW
IsDialogMessageA
FindWindowW
InsertMenuW
ModifyMenuW
CharLowerA
CharUpperA
ModifyMenuA
InsertMenuA
CreateWindowExA
FindWindowA
CallWindowProcA
DialogBoxParamA
CreateDialogParamA
GetWindowTextLengthA
CharUpperW
CharLowerW
RegisterClassW
CallWindowProcW
SetWindowLongW
GetWindowLongW
DialogBoxParamW
CreateDialogParamW
DispatchMessageA
IsIconic
wsprintfW
LoadStringW
LoadStringA
RegisterClassA
PeekMessageA
LoadCursorA
DefWindowProcA
GetParent
GetWindowRect
ScreenToClient
GetClassNameA
EnumWindows
PostMessageA
wsprintfA
GetSystemMetrics
LoadIconA
SetClassLongA
SendMessageA
GetWindowLongA
SetWindowLongA
IsWindow
PostQuitMessage
IsDlgButtonChecked
SendDlgItemMessageW
MessageBoxA
CreateWindowExW
GetMessageA
SendDlgItemMessageA

shell32

ShellExecuteExW
ShellExecuteW
SHGetMalloc
SHChangeNotify
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteExA
ShellExecuteA
DragQueryFileA
DragQueryFileW

ole32

CoInitialize
CoUninitialize
CoCreateInstance

comctl32

ord17

msvcrt

_controlfp
?terminate@@YAXXZ
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
wcscmp
_wcsnicmp
wcscpy
wcschr
wcsrchr
wcstoul
wcstol
_mbschr
strchr
strtol
strcmp
strlen
strcpy
realloc
strrchr
sprintf
_vsnprintf
toupper
wcslen
_purecall
free
malloc
memchr
swprintf
strstr
strtoul
atoi
__CxxFrameHandler
??2@YAPAXI@Z
??3@YAXPAX@Z
_wcsdup
_strdup
_strnicmp

comdlg32

GetOpenFileNameW
GetOpenFileNameA
GetSaveFileNameW
GetSaveFileNameA

advapi32

RegQueryValueW
RegDeleteKeyW
RegCloseKey
RegQueryValueA
RegQueryValueExA
RegSetValueExA
RegEnumValueA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegEnumValueW
RegEnumKeyExW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegDeleteValueW

winmm

PlaySoundW
PlaySoundA

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f8bbb88e87f42e0160826192291b8f24

Headers

File Characteristics

Imports

kernel32

user32

shell32

ole32

comctl32

msvcrt

comdlg32

advapi32

winmm

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 12KB - Virtual size: 41KB

.rsrc Size: 8KB - Virtual size: 6KB

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 12KB - Virtual size: 41KB

.rsrc
Size: 8KB - Virtual size: 6KB