0d1136dca7a06e0ff77f06beae8958c0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0d1136dca7a06e0ff77f06beae8958c0_JaffaCakes118
Size

230KB
MD5

0d1136dca7a06e0ff77f06beae8958c0
SHA1

2847c9abd0f3f1b08a1511bd1827950bb0583165
SHA256

889d8da81fddb64c7f1187d40c21767ac327b05ca1c203bb59d08837606cd0e4
SHA512

1db8ea91c278e7680ded2a26416884181ad08eec6e75db3119add2f9059e7f989bc5552b6e0473a31db9e72ec101e976ec7bc7fc43a6648cf040c3515de00294
SSDEEP

3072:TOSYM52CRIq2Fk/nZSdmIJCq+Ybbgouevnx3SmMt/WhXsx9TKGYGfu/VKQ1bDecu:TOSTXR5TnZSdmeCZL4DcQGyY6bDe3yqj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d1136dca7a06e0ff77f06beae8958c0_JaffaCakes118

Files

0d1136dca7a06e0ff77f06beae8958c0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fef8e2874eb64bcf02ca4a811a4be3ed

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToSystemTime
GetMailslotInfo
GetACP
GetSystemDefaultLCID
CreateEventA
SetLocaleInfoW
LoadLibraryExA
GetExpandedNameA
TlsAlloc
WaitForSingleObject
GetNumberFormatW
lstrcmpW
Beep
IsBadStringPtrW
GetLogicalDriveStringsW
OpenWaitableTimerW
IsBadStringPtrA
GetProcAddress
GetExitCodeProcess
GetAtomNameA
ConnectNamedPipe
CreateEventW
OpenMutexA
lstrcpyA
EnumCalendarInfoW

user32

WinHelpA
DialogBoxParamW
CopyIcon
GetClassInfoA
LoadImageW
SetWindowPos
ShowWindow
GetCaretPos
CreateDialogIndirectParamA
SetForegroundWindow
GetWindowRgn
GetMenuStringW
CharNextW
FindWindowA
MonitorFromWindow
CharLowerA
LoadMenuIndirectW
SetWindowLongW
EnableMenuItem
ActivateKeyboardLayout
GetDlgItemTextW
CreateDialogParamA
MessageBoxIndirectW
EndDialog
GetKeyboardLayout
LoadMenuIndirectA
EmptyClipboard
DialogBoxIndirectParamW
CreatePopupMenu
GetMenu
GetClassInfoExW
SetMenu
PostQuitMessage

gdi32

SetEnhMetaFileBits
CreateBrushIndirect
CreatePatternBrush
UpdateICMRegKeyA
CreateSolidBrush
GetTextExtentPointA
GetMetaFileA
GetEnhMetaFileW
StretchDIBits
RemoveFontResourceW
GetMetaFileW
GetStockObject
RemoveFontResourceA
CreateFontW
CreateColorSpaceA
GetTextExtentPointW
AddFontResourceA
CreateDIBSection
SetWinMetaFileBits
CreateFontIndirectA

advapi32

RegRestoreKeyW
RegCreateKeyExA

shell32

SHGetFolderLocation
StrNCmpIA
ExtractIconExW
SHGetFolderPathW
StrCmpNIW
StrRStrA
StrRChrIA
SHGetSpecialFolderLocation

comctl32

DllGetVersion
InitializeFlatSB
ImageList_GetDragImage
UninitializeFlatSB
ImageList_DragMove
CreateToolbar

ole32

CoInitialize
CoLockObjectExternal

oleaut32

VarDecDiv
VarR4FromDisp
VarI2FromBool
VectorFromBstr

winspool.drv

AddPrinterDriverW
DeletePrinterConnectionA
DeviceMode
SetPrinterDataExW
GetPrinterDataExW
SetPrinterDataW
DeletePrinterDriverExW

Sections

.UHw
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zPpj
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nPSvT
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Nvt
Size: 3KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.W
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.v
Size: 12KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.q
Size: 3KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fef8e2874eb64bcf02ca4a811a4be3ed

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

ole32

oleaut32

winspool.drv

Sections

.UHw Size: 7KB - Virtual size: 7KB

.zPpj Size: 84KB - Virtual size: 83KB

.nPSvT Size: 12KB - Virtual size: 12KB

.Nvt Size: 3KB - Virtual size: 17KB

.W Size: 86KB - Virtual size: 85KB

.v Size: 12KB - Virtual size: 249KB

.q Size: 3KB - Virtual size: 126KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 1024B - Virtual size: 1024B

.UHw
Size: 7KB - Virtual size: 7KB

.zPpj
Size: 84KB - Virtual size: 83KB

.nPSvT
Size: 12KB - Virtual size: 12KB

.Nvt
Size: 3KB - Virtual size: 17KB

.W
Size: 86KB - Virtual size: 85KB

.v
Size: 12KB - Virtual size: 249KB

.q
Size: 3KB - Virtual size: 126KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 1024B - Virtual size: 1024B