Static task: static1
Behavioral task: behavioral1
Sample: 0d0078ed0356fcec2c1d8c0979b02dfb_JaffaCakes118.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 0d0078ed0356fcec2c1d8c0979b02dfb_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 0d0078ed0356fcec2c1d8c0979b02dfb_JaffaCakes118
Size: 188KB
MD5: 0d0078ed0356fcec2c1d8c0979b02dfb
SHA1: 0dc5e5a7289390e80568f46bdcda0a1c836e3452
SHA256: c19af74a0a622978ba0f8c6a6e279cf8aff283f43201979decfe8fe748a8ead4
SHA512: 44abdf8a4e59349f081aa1bcb22e095a983774036e64e1fbd34ec65256ba966c28efca63ce57729645c3afa41997d7f457467ae093f81e68fe5923b7a3d0fb01
SSDEEP: 3072:/h7MFPkQCtQTWOwtfSVGBOqLYjloU5/r4UwkZhCD2jFoUV:5ckUJr4WaDeF
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0d0078ed0356fcec2c1d8c0979b02dfb_JaffaCakes118
Files
0d0078ed0356fcec2c1d8c0979b02dfb_JaffaCakes118.exe windows:4 windows x86 arch:x86
851eb41a6cc23e5970462ffe3d164913
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetCurrentThreadId
GetLocalTime
GetCurrentProcessId
GetLastError
FreeResource
LockResource
LoadResource
FindResourceA
GetACP
GetLocaleInfoA
lstrlenA
GetShortPathNameA
GetModuleHandleA
GetModuleFileNameA
FreeLibrary
HeapFree
HeapReAlloc
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
SetEvent
CloseHandle
WaitForSingleObject
CreateThread
CreateEventA
Sleep
GetCommandLineA
HeapDestroy
GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
GlobalDeleteAtom
GlobalAddAtomA
SetLastError
GetComputerNameA
GetProcessHeap
HeapAlloc
FormatMessageA
LocalFree
MultiByteToWideChar
lstrlenW
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
LoadLibraryExA
SizeofResource
FlushFileBuffers
ReadFile
SetEndOfFile
GetStringTypeW
GetStringTypeA
CreateFileA
IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetVersionExA
GetEnvironmentVariableA
LCMapStringW
LCMapStringA
GetOEMCP
GetCPInfo
GetStdHandle
SetHandleCount
SetFilePointer
GetFileType
SetStdHandle
WriteFile
GetVersion
SetUnhandledExceptionFilter
HeapSize
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentProcess
TerminateProcess
GetStartupInfoA
ExitProcess
RtlUnwind
InterlockedExchange
RaiseException
user32
PostThreadMessageA
DispatchMessageA
GetMessageA
SetProcessWindowStation
OpenWindowStationA
OpenDesktopA
GetProcessWindowStation
RegisterClassExA
GetThreadDesktop
GetWindowLongA
SetWindowLongA
DefWindowProcA
GetDesktopWindow
CharUpperA
CreateWindowExA
TranslateMessage
CloseWindowStation
LoadStringA
CharNextA
SetThreadDesktop
RegisterWindowMessageA
SendMessageA
IsWindow
CloseDesktop
advapi32
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegEnumKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumValueA
ole32
CoSetProxyBlanket
CoTaskMemRealloc
CoTaskMemAlloc
CoResumeClassObjects
CoSuspendClassObjects
CoUninitialize
CoRegisterClassObject
CoInitializeSecurity
CoInitializeEx
CoRevokeClassObject
CoImpersonateClient
CoCreateInstance
CoTaskMemFree
oleaut32
VariantInit
VariantClear
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayGetUBound
VarUI4FromStr
RegisterTypeLi
LoadTypeLi
SysStringLen
SysAllocString
SysAllocStringLen
SysFreeString
SafeArrayDestroy
Sections
.text Size: 116KB - Virtual size: 115KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 4KB - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE