0d12377e765f2582cc839aa8317f9e81_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0d12377e765f2582cc839aa8317f9e81_JaffaCakes118
Size

631KB
MD5

0d12377e765f2582cc839aa8317f9e81
SHA1

cc48a60db1ed9ca3101e5089ea500c511b297a94
SHA256

9700aa5b169a5a7890415f74939c27dfc61ed22ea6d6b945164653dca6d9a226
SHA512

ac0a91041347fdf3472dfc1f578b2c1165c9cdc4d42fa2026ae161409ae568b92fb1573af7f2dea71b45f2666c3ded3e45615aaa78df635fc1cda6e2d907156d
SSDEEP

12288:DOzvSsor0DdMladkKysGpxRSqrdFQBrDQ8drSlSB9J:6vor0DdMlUbGpKqhFQxDRDV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d12377e765f2582cc839aa8317f9e81_JaffaCakes118

Files

0d12377e765f2582cc839aa8317f9e81_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4c660b285cf10e6f09da21141e2ba5cf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

g:\cjp

Imports

gdi32

StartPage
GetGlyphOutlineA
PolyBezierTo
PlayMetaFile
GetSystemPaletteEntries
GetBitmapBits

wininet

InternetCheckConnectionW
UnlockUrlCacheEntryFileA

user32

DefWindowProcA
DestroyWindow
GetClipboardFormatNameW
CreateWindowExW
InsertMenuItemA
MessageBoxW
RegisterClassExA
RegisterClassA
ShowWindow
SetClassLongA
DefFrameProcA
DefWindowProcW

comctl32

InitCommonControlsEx
CreateStatusWindowW
ImageList_SetBkColor
CreateStatusWindow
ImageList_SetIconSize

kernel32

GetConsoleMode
EnterCriticalSection
HeapReAlloc
OpenMutexA
lstrcmpA
WriteConsoleInputA
UnhandledExceptionFilter
CreateProcessA
GetCurrentThreadId
SetHandleCount
CreateFileA
HeapValidate
TerminateProcess
HeapSize
GetLocaleInfoA
GetTimeZoneInformation
GetDateFormatA
GetStartupInfoA
LeaveCriticalSection
GetEnvironmentStringsW
SetPriorityClass
WriteConsoleW
TlsSetValue
InterlockedExchange
LCMapStringW
SetStdHandle
GetSystemTimeAsFileTime
TlsAlloc
CompareStringA
GetLocaleInfoW
WriteFile
FreeEnvironmentStringsW
GetUserDefaultLCID
GetConsoleCP
HeapDestroy
GetModuleHandleA
WritePrivateProfileSectionA
WriteConsoleOutputAttribute
lstrcmp
CreateWaitableTimerW
IsValidLocale
WriteConsoleA
HeapFree
GetTimeFormatA
GetModuleFileNameA
InitializeCriticalSectionAndSpinCount
FreeLibrary
LoadLibraryA
GetConsoleOutputCP
GetProfileStringA
DeleteCriticalSection
LocalCompact
GetEnvironmentStrings
Sleep
CreateMutexA
GetLastError
SetUnhandledExceptionFilter
ExitProcess
GetCurrentProcess
GetCPInfo
HeapAlloc
HeapCreate
AllocConsole
SetFilePointer
GetCurrentProcessId
EnumSystemLocalesA
VirtualFree
InterlockedIncrement
IsValidCodePage
GetDateFormatW
TlsFree
QueryPerformanceCounter
GetOEMCP
SetConsoleTextAttribute
PulseEvent
ReleaseMutex
GetModuleHandleW
LCMapStringA
WideCharToMultiByte
FlushFileBuffers
GetStringTypeA
MultiByteToWideChar
EnumSystemCodePagesA
GetProcAddress
SetEnvironmentVariableA
GetPrivateProfileSectionA
SetConsoleCtrlHandler
IsDebuggerPresent
WriteProfileSectionW
GetStdHandle
TlsGetValue
GetFileType
GetStringTypeW
ReadFile
InterlockedDecrement
VirtualQuery
GetTickCount
VirtualAlloc
GetCurrentThread
CloseHandle
CompareStringW
FreeEnvironmentStringsA
SetLastError
FlushViewOfFile
GetACP
ReadFileEx
RtlUnwind
GetCommandLineA

Sections

.text
Size: 341KB - Virtual size: 341KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c660b285cf10e6f09da21141e2ba5cf

Headers

File Characteristics

PDB Paths

Imports

gdi32

wininet

user32

comctl32

kernel32

Sections

.text Size: 341KB - Virtual size: 341KB

.rdata Size: 69KB - Virtual size: 88KB

.data Size: 115KB - Virtual size: 114KB

.rsrc Size: 104KB - Virtual size: 104KB

.text
Size: 341KB - Virtual size: 341KB

.rdata
Size: 69KB - Virtual size: 88KB

.data
Size: 115KB - Virtual size: 114KB

.rsrc
Size: 104KB - Virtual size: 104KB