0d561636f03aee1173f41d954ac57e15_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0d561636f03aee1173f41d954ac57e15_JaffaCakes118
Size

252KB
MD5

0d561636f03aee1173f41d954ac57e15
SHA1

c46f83a0dd05d661a3155a2c21a4854a2ab1d9c7
SHA256

d88ff06893b2eaa15e6d6d34398c49d174a22e35f0c88cdfb96dbb55ee97b59d
SHA512

c12210efacc3b3667469408ca97f118b0d5d3e557a476a36b67c4205f18793a37545d959ccf41886c032eb966455a076f95eb61bab9f064cb29c1ad06d890ca7
SSDEEP

6144:DXcRRCVfdRKUPSPVrOQSbXSkECPkF173PXellJZdyfHQhjo2QdLGZ9KwCTkn:DsRRCVfzK6QSbXSkE6s1LPKyfHQhjo2p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d561636f03aee1173f41d954ac57e15_JaffaCakes118

Files

0d561636f03aee1173f41d954ac57e15_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f77daddf2a0b997bc5f20617808441cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ChooseColorW
FindTextA
ReplaceTextW
GetFileTitleW
ChooseFontA
PageSetupDlgW
GetSaveFileNameW
GetOpenFileNameA
GetOpenFileNameW
ReplaceTextA
PageSetupDlgA
GetFileTitleA
GetSaveFileNameA
PrintDlgA
ChooseColorA
FindTextW
LoadAlterBitmap
ChooseFontW

wininet

UnlockUrlCacheEntryFileA
HttpOpenRequestW
FtpCreateDirectoryW
InternetCrackUrlW
InternetAlgIdToStringW
UnlockUrlCacheEntryFileW
InternetCanonicalizeUrlA
UpdateUrlCacheContentPath
CreateUrlCacheContainerW
FtpRemoveDirectoryA
FtpDeleteFileA
RegisterUrlCacheNotification
FindFirstUrlCacheEntryA
HttpEndRequestW
InternetCreateUrlA
GopherGetAttributeW
InternetCombineUrlA
DeleteIE3Cache

user32

IsDlgButtonChecked
GetClassLongW
CreateDialogIndirectParamW
PostQuitMessage
CreateDialogIndirectParamA
IsZoomed
SetWindowsHookA
ClipCursor
CreateIcon

advapi32

LookupSecurityDescriptorPartsW

kernel32

TlsAlloc
EnumResourceTypesA
FreeEnvironmentStringsW
VirtualAlloc
GetTimeFormatA
IsBadWritePtr
MultiByteToWideChar
EnterCriticalSection
InterlockedExchange
GetStringTypeW
LCMapStringA
WideCharToMultiByte
GetLogicalDriveStringsA
GetModuleHandleA
GetDateFormatA
VirtualQuery
IsValidLocale
VirtualProtect
GetProcAddress
GetEnvironmentStrings
InitializeCriticalSection
GetCommandLineA
GetCPInfo
HeapReAlloc
TlsSetValue
LCMapStringW
GetPriorityClass
GetFileType
GetACP
HeapFree
GetSystemTimeAsFileTime
GetCurrentThread
GetDiskFreeSpaceW
SetHandleCount
GetOEMCP
LeaveCriticalSection
SetLastError
GetUserDefaultLCID
CompareStringA
SetEnvironmentVariableA
LocalSize
CompareStringW
GetStartupInfoA
GetEnvironmentVariableW
TlsFree
UnhandledExceptionFilter
GetStdHandle
HeapCreate
TlsGetValue
MoveFileExW
GetCurrentProcessId
VirtualFree
LoadLibraryA
ReadConsoleOutputAttribute
EnumDateFormatsW
GetTickCount
QueryPerformanceCounter
IsValidCodePage
WriteConsoleOutputAttribute
TerminateProcess
SetThreadAffinityMask
WriteFile
GetEnvironmentStringsW
EnumTimeFormatsA
GetCurrentThreadId
HeapDestroy
FreeEnvironmentStringsA
GetCurrentProcess
HeapSize
RtlUnwind
GetLocaleInfoW
HeapAlloc
EnumSystemLocalesA
DeleteCriticalSection
GetLastError
GetStringTypeA
GetTimeZoneInformation
GetModuleFileNameA
GetVersionExA
ExitProcess
GetSystemInfo
GetLocaleInfoA

Sections

.text
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f77daddf2a0b997bc5f20617808441cb

Headers

File Characteristics

Imports

comdlg32

wininet

user32

advapi32

kernel32

Sections

.text Size: 107KB - Virtual size: 107KB

.data Size: 136KB - Virtual size: 153KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 107KB - Virtual size: 107KB

.data
Size: 136KB - Virtual size: 153KB

.rsrc
Size: 8KB - Virtual size: 7KB