0c66a928778aa1d0ef47a78d34cc6045_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0c66a928778aa1d0ef47a78d34cc6045_JaffaCakes118
Size

400KB
MD5

0c66a928778aa1d0ef47a78d34cc6045
SHA1

1e46a22a3e58a32dbb29d1854451b61caf22c452
SHA256

11f4c0b46c210198d0776c07bb2ad2ae77abec6343fb65f10ab0876cea88ab29
SHA512

90c4648b49db8cd8a106db5eb17a630552c7a086354b0806b3362cd206b2c77910e054f0975d1c4a15585b95dff64d8b8ea25a0de0b9724bcbcd83ebb4872942
SSDEEP

12288:hIme+UP3zA11QWUkbaOQx3xwU6Vt92UXmgk:hIiUEXQWUEaOQxBwnTUt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c66a928778aa1d0ef47a78d34cc6045_JaffaCakes118

Files

0c66a928778aa1d0ef47a78d34cc6045_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1de0afa46d34072fef4496b1ac50ca09

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedCompareExchange
HeapSize
WideCharToMultiByte
GetCommandLineW
LockResource
GetCurrentProcessId
WritePrivateProfileStringA
GetEnvironmentStrings
FileTimeToLocalFileTime
CreateProcessW
Sleep
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
FindNextFileW
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
GetSystemInfo
HeapCreate
LCMapStringW
GetLastError
LeaveCriticalSection
HeapAlloc
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
CreateEventW
GetProcAddress
RemoveDirectoryA
FindFirstFileW
CreateFileMappingA
ResetEvent
CompareStringA
lstrcpyA
FindFirstFileA
CompareStringW
WriteFile
GetProcessHeap
WaitForMultipleObjects
DeleteFileW
GetEnvironmentVariableA
GetWindowsDirectoryA
DeleteFileA
CreateDirectoryA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
IsBadWritePtr
GetTickCount
QueryPerformanceCounter
FreeLibrary
GetVersionExW
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
InterlockedIncrement
GetCurrentThreadId
SetEndOfFile
GlobalAlloc
GetCurrentThread
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
MulDiv
SetUnhandledExceptionFilter
CreateThread
SetFilePointer
CreateMutexA
MultiByteToWideChar
LoadLibraryExW
UnhandledExceptionFilter
LoadLibraryExA
GetModuleFileNameA
FlushFileBuffers
ExitProcess
IsDebuggerPresent
GetModuleFileNameW
lstrlenW
TlsGetValue
SetLastError
OutputDebugStringA
FormatMessageA
InterlockedDecrement
FindClose
GlobalLock
LoadResource
InitializeCriticalSection
GetExitCodeProcess
GetOEMCP
LocalFree
SetEvent
SetFileAttributesA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
GetTimeZoneInformation
InterlockedExchange
GetStringTypeA
GetCPInfo
GetTempPathA
SetStdHandle
GetLocaleInfoW
FreeEnvironmentStringsW
SetErrorMode
LocalAlloc
GetLocaleInfoA
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetLocalTime
GetFileAttributesW
HeapDestroy
FindNextFileA
GetDriveTypeA
WaitForSingleObject
GetFileAttributesA
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
RtlUnwind
FatalAppExitA
SetConsoleCtrlHandler
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
RaiseException
MapViewOfFile
TlsFree
GetModuleHandleA
ReadFile
CloseHandle
lstrcpynA
GetACP
GetModuleHandleW
GetVersion
SizeofResource
CreateProcessA
IsValidCodePage
UnmapViewOfFile
FindResourceW
VirtualFree
FindResourceA
GetCommandLineA
WriteConsoleA
VirtualAlloc

user32

EndDialog
SetWindowLongA
ReleaseCapture
PostMessageA
IsIconic
GetWindowRect
GetSystemMetrics
DefWindowProcA
KillTimer
BeginPaint
PeekMessageA
MapWindowPoints
EndPaint
FillRect
SetTimer
GetWindowLongA
RegisterClassA
EnableMenuItem
DispatchMessageA
LoadStringA
GetWindow
IsWindowEnabled
TranslateMessage
SetWindowPos
EnableWindow
SetCapture
ShowWindow
UpdateWindow
GetParent
DestroyWindow
GetKeyState
GetClientRect
SendMessageW
GetCursorPos
GetDC
SetForegroundWindow
IsWindow
PostQuitMessage
MoveWindow
SetFocus
SetCursor
ReleaseDC
GetFocus
SendMessageA
CheckMenuItem
GetSubMenu
CreateWindowExA
GetDlgItem
ScreenToClient
LoadCursorA
LoadIconA
TrackPopupMenu
GetDesktopWindow
MessageBoxA
DialogBoxParamA
GetSysColor
SystemParametersInfoA
wsprintfA
InvalidateRect
SetWindowTextA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

gdi32

SetBkColor
DeleteObject
GetDeviceCaps
DeleteDC
GetStockObject
CreateCompatibleDC
SelectObject
CreateSolidBrush
BitBlt
SetBkMode

advapi32

RegOpenKeyExW
RegOpenKeyExA
RegCreateKeyExW
RegQueryValueExA
RegQueryValueExW
RegSetValueExW
RegSetValueExA
RegCloseKey

Sections

.text
Size: 332KB - Virtual size: 329KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1de0afa46d34072fef4496b1ac50ca09

Headers

File Characteristics

Imports

kernel32

user32

version

gdi32

advapi32

Sections

.text Size: 332KB - Virtual size: 329KB

.rdata Size: 40KB - Virtual size: 38KB

.data Size: 20KB - Virtual size: 18KB

.rsrc Size: 4KB - Virtual size: 624B

.text
Size: 332KB - Virtual size: 329KB

.rdata
Size: 40KB - Virtual size: 38KB

.data
Size: 20KB - Virtual size: 18KB

.rsrc
Size: 4KB - Virtual size: 624B