0cb95fb5ae72e8a1366d5757b5b08dc7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0cb95fb5ae72e8a1366d5757b5b08dc7_JaffaCakes118
Size

376KB
MD5

0cb95fb5ae72e8a1366d5757b5b08dc7
SHA1

893c3576218de671b7938e672448bdb8891b9534
SHA256

ddb39ebfe378d83e36bc481b2e7dfbd4579c74b9401475d0f545e81da0c48cb2
SHA512

bfc8dc60318f2487a4dc106c9fd37666f11ae3ddb79bdae72b2ffa46305df48cf157013d56b80739278ee26783b749727e41b7f4b43d40b6dc034857f5abe6ce
SSDEEP

6144:dNkouJJywiiGpRi3RWIFZD4+7HxJMcPVPmxThCCjh/9SFJ4:dNkJiPpREWIFZr7HPBmRh5jaJ4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cb95fb5ae72e8a1366d5757b5b08dc7_JaffaCakes118

Files

0cb95fb5ae72e8a1366d5757b5b08dc7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1975d70f2177b96a79ffd363f7ca477e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragFinish
DragAcceptFiles
DragQueryFileA

user32

DialogBoxParamA
SetForegroundWindow
IsWindow
SetRect
SetWindowWord
UpdateWindow
GetWindowWord
RegisterClassA
DialogBoxIndirectParamA
CreateWindowExA
InvalidateRect
DestroyWindow
CreateDialogParamA
ShowWindow
EnumChildWindows
CallWindowProcA
GetCursorPos
SetCursorPos
LoadCursorA
SetCursor
GetActiveWindow
CharUpperA
CharToOemA
EnumWindows
GetLastActivePopup
PostMessageA
GetPropA
LoadStringA
SetFocus
SetWindowTextA
GetWindowTextA
LoadIconA
GetWindowLongA
SetWindowLongA
SendMessageA
SetPropA
GetDlgItem
SendDlgItemMessageA
CheckRadioButton
EnableWindow
OemToCharA
EndDialog
WinHelpA
DestroyIcon
RemovePropA
GetSysColor
GetClientRect
BeginPaint
EndPaint
DefWindowProcA
SetDlgItemTextA
SetWindowPos
wsprintfA
MessageBoxA
SystemParametersInfoA
GetSystemMetrics
GetWindowRect
SetActiveWindow
GetDlgItemTextA
BringWindowToTop
MoveWindow
PeekMessageA
TranslateMessage
DispatchMessageA

kernel32

_lopen
SystemTimeToFileTime
FileTimeToDosDateTime
GlobalHandle
ExitProcess
LockResource
SetEnvironmentVariableA
CompareStringW
CompareStringA
ReadFile
SetEndOfFile
GetLocaleInfoW
FlushFileBuffers
GetStringTypeW
GetStringTypeA
IsBadCodePtr
GetOEMCP
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
SetStdHandle
VirtualAlloc
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetCPInfo
HeapSize
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentDirectoryA
HeapReAlloc
RaiseException
lstrcpyA
lstrlenA
WinExec
GlobalDeleteAtom
GlobalGetAtomNameA
GetDriveTypeA
GetVersionExA
GetModuleFileNameA
FreeLibrary
GetACP
GetProcAddress
LoadLibraryA
SetErrorMode
FreeResource
DeleteFileA
LoadResource
SizeofResource
FindResourceA
CloseHandle
CreateFileA
GetTickCount
GlobalAddAtomA
GetVersion
lstrcatA
SetCurrentDirectoryA
IsBadReadPtr
LocalFree
FormatMessageA
GetLastError
GlobalMemoryStatus
GetLocalTime
GetVolumeInformationA
_lclose
_lwrite
_lread
_llseek
WideCharToMultiByte
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
MultiByteToWideChar
GlobalSize
FindClose
GetShortPathNameA
FileTimeToSystemTime
DosDateTimeToFileTime
GetSystemTime
GetCurrentProcess
TerminateProcess
GetDateFormatA
GetTimeFormatA
FileTimeToLocalFileTime
IsBadWritePtr
GetFullPathNameA
SetFilePointer
GetTimeZoneInformation
FindNextFileA
FindFirstFileA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
RtlUnwind
HeapCompact
HeapFree
HeapAlloc

gdi32

SetTextAlign
SetBkColor
SetTextColor
DeleteObject
GetBkColor
GetTextExtentPoint32A
ExtTextOutA
CreateDCA
GetDeviceCaps
CreateFontIndirectA
DeleteDC
CreatePen
SelectObject
MoveToEx
LineTo

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegEnumKeyExA
RegDeleteKeyA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

Sections

.text
Size: 144KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1975d70f2177b96a79ffd363f7ca477e

Headers

File Characteristics

Imports

shell32

user32

kernel32

gdi32

comdlg32

advapi32

version

Sections

.text Size: 144KB - Virtual size: 140KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 16KB - Virtual size: 234KB

.rsrc Size: 192KB - Virtual size: 192KB

.text
Size: 144KB - Virtual size: 140KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 16KB - Virtual size: 234KB

.rsrc
Size: 192KB - Virtual size: 192KB