0cdba7ea08b8de74a1b70db38a803a35_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0cdba7ea08b8de74a1b70db38a803a35_JaffaCakes118
Size

304KB
MD5

0cdba7ea08b8de74a1b70db38a803a35
SHA1

2822d6388530388fb7f37ab973b4c473d78c78f2
SHA256

e763b12627147fb0a0161d904b3f0a78819e9507dae3c7ccb52dea9e84ebff1e
SHA512

5cb0f93ba3d65ab19792bef26f6e17bd315a207814892dbeeba32a517afaf12e86b0a45aa4b756a9d44ed3b0861929517182bd1fadf79abfbfa2b969e97930b6
SSDEEP

6144:qi6NNjPhiW4ejMtvJpXn7cxz80MJBrgSOxKPLOrIifzZ/KV:KTPhRmv7c98/9gSeSLOrIWzZ/KV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cdba7ea08b8de74a1b70db38a803a35_JaffaCakes118

Files

0cdba7ea08b8de74a1b70db38a803a35_JaffaCakes118
.exe windows:4 windows x86 arch:x86

baea5fc4ef1351f7fdbe44b4ff990eb5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
TerminateThread
FreeLibrary
LockResource
FindNextChangeNotification
DuplicateHandle
FindNextFileW
lstrlenW
FindFirstFileW
SetEndOfFile
MultiByteToWideChar
SuspendThread
GetCurrentThread
GetLocalTime
GlobalAlloc
CreateFileW
LoadResource
SetEvent
GetFileAttributesW
FindResourceExW
LoadLibraryW
GetCurrentProcessId
MulDiv
Sleep
SizeofResource
CreateWaitableTimerW
QueryDosDeviceW
GetModuleFileNameW
GetVersion
FindResourceW
ReadProcessMemory
GetFileAttributesExW
WaitForSingleObject
SetCurrentDirectoryW
ExitProcess
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualFree
VirtualProtect
GetSystemTime
VirtualAlloc
DeleteFileW
SetFilePointer
GetUserDefaultLangID
SetWaitableTimer
ReadFile
GetLogicalDrives
WritePrivateProfileStringW
WaitForMultipleObjects
GetDriveTypeW
MoveFileW
InterlockedIncrement
GetProcAddress
CreateThread
FindClose
WriteFile

user32

PostMessageW
SetCursor
RegisterClassExW
GetWindowDC
WindowFromPoint
AppendMenuW
CreateWindowExW
LoadCursorW
GetSystemMetrics
SystemParametersInfoW
SetDlgItemTextW
GetWindowTextW
SendMessageW
EndDialog
PostQuitMessage
SetWindowPos
RegisterWindowMessageW
RegisterHotKey
SetForegroundWindow
LoadBitmapW
SetWindowTextW
DispatchMessageW
GetClassNameW
EnableWindow
LoadImageW
MessageBoxW
TranslateMessage
SetCursorPos
DefWindowProcW
FillRect
DialogBoxParamW
InvalidateRect

gdi32

CreateRoundRectRgn
CreateICW
CreateFontIndirectW
MoveToEx
CreateSolidBrush
StretchBlt
SetDIBits
SetMapMode
GetStockObject
SetBkMode
GetMapMode

advapi32

RegDeleteValueW
LookupPrivilegeValueW
SetSecurityDescriptorDacl
RegCloseKey

shell32

SHChangeNotify
Shell_NotifyIconW

ole32

CreateStreamOnHGlobal
CoInitialize
CoUninitialize
CoInitializeEx

oleaut32

OleLoadPicture

Sections

.text
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

baea5fc4ef1351f7fdbe44b4ff990eb5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 268KB - Virtual size: 267KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 28KB - Virtual size: 24KB

.text
Size: 268KB - Virtual size: 267KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 28KB - Virtual size: 24KB