0c47b9feecb0e1f4b90b0f2863e1d25f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0c47b9feecb0e1f4b90b0f2863e1d25f_JaffaCakes118
Size

444KB
MD5

0c47b9feecb0e1f4b90b0f2863e1d25f
SHA1

9bed6ee7788263ef131865bd72bde5ae6eac0f24
SHA256

e184a7d86a10f80d28dbab02a6d5923524d52d6458f6c913f22c1e2b7dd48e63
SHA512

bd5112285b150b4ab1f644a467ce37edc37a5f7d2990a82917b3058a79c9040814f1d7d76115e23efc7ab8ac385ed4cc0cbeb2c1094ee629879594e80bc46036
SSDEEP

12288:I90+pIRzMVR6A0gZzNhLbb25b2KbACT3w3t9qR:IOOkz2Rx0gZzNh7Q2Kb9D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c47b9feecb0e1f4b90b0f2863e1d25f_JaffaCakes118

Files

0c47b9feecb0e1f4b90b0f2863e1d25f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4ea8bb9dbeaffb0bf22f93694d9bdc91

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadStringA
MessageBoxA
GetDlgItem
CreateWindowExA
IsWindowVisible
GetFocus
GetParent
IsWindow
GetSysColor
GetSystemMetrics
GetDC
ReleaseDC
SetWindowLongA
EnableMenuItem
UpdateWindow
PostQuitMessage
BeginPaint
PostMessageA
TranslateMessage
MoveWindow
EnableWindow
SetCursor
SetForegroundWindow
GetKeyState
SendMessageA
DestroyWindow
ReleaseCapture
LoadIconA
GetWindowRect
EndDialog
EndPaint
GetClientRect
InvalidateRect
IsWindowEnabled

kernel32

lstrlenA
ExitProcess
SetFilePointer
GetStdHandle
GetConsoleMode
GetFileAttributesW
GetLastError
LCMapStringA
LCMapStringW
TlsGetValue
LoadLibraryA
GetCurrentThreadId
GetModuleFileNameA
GetCurrentProcess
GetTickCount
WaitForSingleObject
GetConsoleCP
CompareStringA
GetLocaleInfoA
WideCharToMultiByte
GetOEMCP
VirtualQuery
GlobalAlloc
LockResource
GetModuleHandleW
GetExitCodeProcess
LocalFree
CreateProcessA
TlsSetValue
GetProcAddress
HeapFree
GetLocalTime
IsValidCodePage
EnterCriticalSection
GetStringTypeA
lstrcpyA
GetCommandLineA
InterlockedExchange
FindClose
GetEnvironmentStrings
UnmapViewOfFile
GetStartupInfoA
IsBadWritePtr
InitializeCriticalSection
FreeEnvironmentStringsW
GetCPInfo
ReadFile
FlushFileBuffers
VirtualFree
SetStdHandle
GetStringTypeW
InterlockedIncrement
InterlockedDecrement
DuplicateHandle
CloseHandle
FreeEnvironmentStringsA
HeapDestroy
QueryPerformanceCounter
WriteFile
GetSystemTimeAsFileTime
UnhandledExceptionFilter
RaiseException
SetEvent
CreateThread
GlobalLock
GetSystemInfo
DeleteFileA
GetVersionExA
LeaveCriticalSection
SetUnhandledExceptionFilter
lstrcmpiA
SetLastError
FindFirstFileA
TerminateProcess
FindFirstFileW
FreeLibrary
GetConsoleOutputCP
SetHandleCount
GetACP
GetCurrentThread
Sleep
GetCurrentProcessId
GetProcessHeap
GetEnvironmentStringsW
FileTimeToSystemTime
HeapCreate
GetFileAttributesA
InterlockedCompareExchange
MultiByteToWideChar
HeapReAlloc
VirtualAlloc
GetFullPathNameA
GetVersion
HeapSize
HeapAlloc
SizeofResource
GetModuleHandleA
CreateFileA
CreateFileMappingA
TlsAlloc
GetModuleFileNameW
FormatMessageA
GetFileType
DeleteCriticalSection
LoadResource

advapi32

RegQueryInfoKeyA
RegQueryValueExW
RegCloseKey

gdi32

DeleteDC
BitBlt
GetStockObject
CreateSolidBrush

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 380KB - Virtual size: 379KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ea8bb9dbeaffb0bf22f93694d9bdc91

Headers

File Characteristics

Imports

user32

kernel32

advapi32

gdi32

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 380KB - Virtual size: 379KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 380KB - Virtual size: 379KB

.rsrc
Size: 8KB - Virtual size: 5KB