0cffb15d2a92d4169dbef0e7bedc4d0e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0cffb15d2a92d4169dbef0e7bedc4d0e_JaffaCakes118
Size

833KB
MD5

0cffb15d2a92d4169dbef0e7bedc4d0e
SHA1

7e53ee3117a5557a6f0dc3955f4aa1c0f49cfc9b
SHA256

f12ddd573b5b3e7f29858254e43a73f962f56480651af0ef5029e463339bde33
SHA512

e251dc8ea6c0bd7ec461dbb0485f78e371d19caa08c84bb0818636122abc5c5c7ec1f2ba9c92cf18ca955b3c114f21848ae057f34750ed46dde8469f505ce218
SSDEEP

12288:Rg8nSmRYJAo1e0Vl3kFb9d8ZaAlhHfflAaTcS3yv7sbuVHU9V8cwCoGH+c+sBYlq:dnSmeJhZVlOb9d8Zj3ifqV8chP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cffb15d2a92d4169dbef0e7bedc4d0e_JaffaCakes118

Files

0cffb15d2a92d4169dbef0e7bedc4d0e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9e0195440e444aa658ccd4596cf96ef4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalDeleteAtom
GetStartupInfoA
GetModuleHandleA
GlobalAddAtomA
RaiseException
InterlockedExchange
LocalAlloc
GetExitCodeProcess
CreateProcessA
GetTempFileNameA
GetVersion
GetVersionExA
lstrcpynA
lstrcpyA
lstrcmpA
lstrcatA
lstrlenA
GlobalFree
GetTempPathA
GetCurrentDirectoryA
GetSystemTime
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
FindClose
SetErrorMode
GlobalAlloc
GlobalLock
GlobalUnlock
GetCommandLineA
GetTickCount
SetCurrentDirectoryA
Sleep
CreateDirectoryA
GetProcAddress
CloseHandle
SetFilePointer
WriteFile
ReadFile
GetLastError
CreateFileA
GetCurrentThreadId
RemoveDirectoryA
GetModuleFileNameA
FreeLibrary
LoadLibraryA

user32

SystemParametersInfoA
PostQuitMessage
IntersectRect
DrawFocusRect
SetRect
InvertRect
GetMenuStringA
ModifyMenuA
DefMDIChildProcA
IsIconic
GetUpdateRect
FillRect
SetDlgItemTextA
BeginPaint
EndPaint
GetDlgItem
MapVirtualKeyA
GetInputState
GetDlgItemTextA
SendDlgItemMessageA
EndDialog
DrawMenuBar
DestroyMenu
DrawEdge
GetMenuItemCount
SetWindowPlacement
GetWindowPlacement
GetFocus
RemovePropA
CallWindowProcA
SetPropA
GetPropA
UnionRect
CreateWindowExA
SetScrollRange
SetScrollPos
DestroyWindow
GetParent
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
DispatchMessageA
TranslateMessage
TranslateMDISysAccel
GetSysColor
SetFocus
GetDesktopWindow
RedrawWindow
DrawTextA
GetTabbedTextExtentA
LoadMenuIndirectA
GetMenuItemID
SetWindowLongA
UpdateWindow
GetMessageA
PeekMessageA
MsgWaitForMultipleObjects
ReleaseDC
CreateIconIndirect
GetDC
MapWindowPoints
WinHelpA
SetForegroundWindow
EnumThreadWindows
LoadStringA
MessageBoxA
DialogBoxParamA
GetTopWindow
GetClassNameA
GetWindow
LoadIconA
RegisterClassA
LoadImageA
RegisterClassExA
OemToCharA
GetAsyncKeyState
GetActiveWindow
ShowCursor
SetCapture
ReleaseCapture
GetKeyState
GetWindowRect
GetSystemMetrics
IsWindowVisible
LockWindowUpdate
SendMessageA
GetWindowLongA
AdjustWindowRectEx
IsZoomed
SetWindowPos
GetClientRect
SetWindowTextA
IsDialogMessageA
SetTimer
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
IsClipboardFormatAvailable
wsprintfA
ShowWindow
PostMessageA
CheckMenuItem
EnableMenuItem
GetMenu
InvalidateRect
ClientToScreen
SetCursorPos
GetKeyboardState
GetCursorPos
ScreenToClient
CopyRect
UnhookWindowsHookEx
KillTimer
SetWindowsHookExA
CallNextHookEx
DestroyIcon
GetMenuState
DeleteMenu
GetSubMenu
PtInRect

gdi32

LPtoDP
CreateRectRgn
SelectClipRgn
TextOutA
SetPolyFillMode
Polygon
CreateHatchBrush
DPtoLP
SetTextAlign
GetNearestPaletteIndex
SetBkColor
SetROP2
GetTextMetricsA
GetCharWidthA
GetTextExtentPointA
SetTextColor
SetBkMode
GetStockObject
CreateSolidBrush
CreatePen
Rectangle
SelectObject
MoveToEx
LineTo
GetObjectA
CreateFontIndirectA
SelectPalette
RealizePalette
GetDeviceCaps
CreatePalette
CreateBitmap
CreateCompatibleBitmap
SetDIBits
DeleteObject

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegQueryValueA
RegOpenKeyA
RegCloseKey

shell32

DragAcceptFiles
ShellExecuteA
DragQueryFileA

comctl32

ord17

winmm

timeEndPeriod
timeBeginPeriod
joyGetPosEx
joyGetDevCapsA
timeGetTime

msvcrt

_stricmp
strncpy
_errno
_rmdir
strrchr
strchr
strncat
_chdir
_mkdir
_ltoa
sprintf
_fcvt
_gcvt
__CxxFrameHandler
realloc
calloc
memmove
??2@YAPAXI@Z
remove
??3@YAXPAX@Z
_ftol
free
malloc
toupper
modf
atof
ceil
floor
_CIasin
_CIacos
strstr
_CIfmod
_CIpow
_chdrive
_splitpath
_findnext
_findfirst
_heapmin
_msize
isspace
tolower
isdigit
isalpha
_makepath
_strnicmp
isalnum
_strupr
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
_strlwr
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_findclose

Sections

.text
Size: 304KB - Virtual size: 302KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e0195440e444aa658ccd4596cf96ef4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

comctl32

winmm

msvcrt

Sections

.text Size: 304KB - Virtual size: 302KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 16KB - Virtual size: 14KB

.rsrc Size: 32KB - Virtual size: 31KB

.text
Size: 304KB - Virtual size: 302KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 16KB - Virtual size: 14KB

.rsrc
Size: 32KB - Virtual size: 31KB