0c60727efa6f7409944ecf428680588e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0c60727efa6f7409944ecf428680588e_JaffaCakes118
Size

72KB
MD5

0c60727efa6f7409944ecf428680588e
SHA1

98997af44905821c160d58d3c9e8039aa51ff016
SHA256

450fb73797fb99eba4353bd70b7427e50cef3ef2a29e4746c94c9ec57f5d08d0
SHA512

175e4fcbbc4aee61d9f0cdd5ba8567cf05167f0cf8c53f4286b8c7b43238dec850d720b9e97d1efee2deba40a19266b8a08d1cab30fb6f2adb60423a586e22aa
SSDEEP

1536:ulO8drnXn0VLzKxJMIdIVfp7cHuOjGUh8MWFrk:urT30VLzKxGYaxrOjt8RFrk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c60727efa6f7409944ecf428680588e_JaffaCakes118

Files

0c60727efa6f7409944ecf428680588e_JaffaCakes118
.exe windows:7 windows x86 arch:x86

8d404c9c60f55d5b2e2ea0e1c45e213f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ExtractIconW
SHGetFileInfoW
SHGetMalloc
DragFinish
DragAcceptFiles
DragAcceptFiles
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetPathFromIDListW
SHGetFolderPathW
ExtractIconExW
ShellExecuteExW
DragQueryFileW
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
CommandLineToArgvW
SHGetSpecialFolderPathW
ShellExecuteExW
SHGetPathFromIDListW
SHGetMalloc
SHGetFileInfoW
DragQueryFileW
SHGetFileInfoW
ExtractIconW
DragQueryFileW
ExtractIconExW
SHGetMalloc
CommandLineToArgvW
ExtractIconW
SHChangeNotify
SHGetFileInfoW
SHGetFileInfoW
SHChangeNotify
ShellAboutW
SHGetPathFromIDListW
ExtractIconW
SHGetDesktopFolder
Shell_NotifyIconW
SHGetSpecialFolderPathW
ShellAboutW
SHGetPathFromIDListW
SHGetSpecialFolderPathW
SHGetMalloc
SHGetDesktopFolder
CommandLineToArgvW
DragAcceptFiles
SHGetPathFromIDListW
SHGetFolderPathW
SHGetPathFromIDListW
DragQueryFileW
SHGetDesktopFolder
DragFinish
SHGetFolderPathW
SHGetFileInfoW
DragFinish
SHGetSpecialFolderLocation
ShellAboutW

gdi32

GetTextMetricsW
GetTextMetricsW
MoveToEx
GetObjectW
SetBkMode
MoveToEx
GetObjectW
GetTextMetricsW
BitBlt
CreateBitmap
ExtTextOutW
GetDeviceCaps
CreateCompatibleBitmap
MoveToEx
CreateBitmap
SelectObject
BitBlt
GetTextExtentPoint32W
DeleteDC
SetBkMode
StretchBlt
SetTextColor
SelectObject
StretchBlt
GetTextExtentPoint32W
CreateBitmap
GetTextExtentPoint32W
StretchBlt
CreateBitmap
CreateCompatibleDC
SetBkMode
SetBkMode
DeleteDC
SelectObject
PatBlt
SelectObject
LineTo
GetTextMetricsW
PatBlt
GetStockObject
CreateFontIndirectW
MoveToEx
GetObjectW
CreateFontIndirectW
CreateCompatibleDC
GetStockObject

user32

GetSystemMetrics
IsWindow
PtInRect
SystemParametersInfoW
MapWindowPoints
LoadAcceleratorsW
PtInRect
SetForegroundWindow
IsIconic
CreateDialogParamW
LoadStringW
IsDialogMessageW
GetClientRect
CharNextW
CheckDlgButton
SendMessageA
CreateWindowExW
ScreenToClient
LoadIconW
EnableMenuItem
SendMessageA
GetDC
SendMessageW
SetDlgItemTextW
GetWindowRect
PostMessageW
SendDlgItemMessageW
ReleaseDC
IsWindowVisible
ShowWindow
DestroyIcon
LoadMenuW
GetDlgItem
SendMessageW
GetMessageW
GetDlgItem
PostQuitMessage
GetSystemMenu
FillRect
GetSystemMetrics
CharNextW
GetDC
SetWindowLongW
ScreenToClient
DialogBoxParamW
LoadImageW
LoadStringA
SetTimer
DispatchMessageW
WinHelpW
GetAncestor
SendMessageA
SetRect
GetDlgItemTextW
DefWindowProcW
GetKeyState
LoadCursorW
PeekMessageW
DrawTextW
OffsetRect
TranslateMessage
EnableMenuItem
GetMessageW

advapi32

GetLengthSid
SetSecurityDescriptorDacl
CloseServiceHandle
RegOpenKeyExW
RegOpenKeyExA
CloseServiceHandle
RegCreateKeyExW
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyExA
InitializeSecurityDescriptor
AdjustTokenPrivileges
AddAccessAllowedAce
RegOpenKeyExW
RegOpenKeyExA
OpenProcessToken
CloseServiceHandle
OpenProcessToken
RegCloseKey
RegEnumValueW
FreeSid
RegOpenKeyW
AdjustTokenPrivileges
AdjustTokenPrivileges
RegOpenKeyW
RegEnumValueW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegQueryValueExW
OpenThreadToken
RegCreateKeyExA
RegOpenKeyExA
OpenThreadToken
OpenProcessToken
FreeSid
InitializeAcl
RegDeleteValueW
AddAccessAllowedAce
RegCreateKeyExA
FreeSid
RegQueryInfoKeyW
AddAccessAllowedAce
AddAccessAllowedAce
RegCreateKeyExA
RegQueryValueExA
FreeSid
RegDeleteValueW
GetTokenInformation
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExA
RegOpenKeyExA
InitializeSecurityDescriptor
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExW
InitializeAcl
RegEnumKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
GetTokenInformation
RegOpenKeyExW
RegOpenKeyExW
RegEnumValueW
AdjustTokenPrivileges
OpenProcessToken
RegCreateKeyExW

kernel32

GetStartupInfoA
LocalAlloc
GetACP
LoadLibraryA
GetTickCount
CloseHandle
GetModuleFileNameA
GetCurrentProcessId
CreateThread
GetStartupInfoA
HeapAlloc
DeleteCriticalSection
GetCommandLineW
FormatMessageW
GetProcessHeap
MultiByteToWideChar
GetCurrentThreadId
FreeLibrary
GetSystemTimeAsFileTime
GetCurrentProcess
LocalFree
FormatMessageW
FormatMessageW
LocalAlloc
GetModuleFileNameA
HeapAlloc
GetProcAddress
GetACP
GetProcessHeap
GetStartupInfoA
GetSystemTimeAsFileTime
LoadLibraryA
lstrlenW
Sleep
QueryPerformanceCounter
Sleep
LoadLibraryW
FreeLibrary
GetModuleHandleA
Sleep
GetCurrentThreadId
GetTickCount
HeapAlloc
VirtualFree
LoadLibraryA
GetStartupInfoW
ExitProcess
CreateThread
GetProcessHeap
GetVersionExA
SetUnhandledExceptionFilter
LoadLibraryA
LocalAlloc
GetModuleHandleW
InterlockedDecrement

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d404c9c60f55d5b2e2ea0e1c45e213f

Headers

File Characteristics

Imports

shell32

gdi32

user32

advapi32

kernel32

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 7KB - Virtual size: 92KB

.data Size: 42KB - Virtual size: 44KB

.edata Size: 512B - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 7KB - Virtual size: 92KB

.data
Size: 42KB - Virtual size: 44KB

.edata
Size: 512B - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB