0d41dbe9a2e94111aa2832e817e5f970_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0d41dbe9a2e94111aa2832e817e5f970_JaffaCakes118
Size

813KB
MD5

0d41dbe9a2e94111aa2832e817e5f970
SHA1

537e2e217192ffb10ff5cd5a178ed0649a0148a5
SHA256

16de88478cee62c723028193e7795ebd26da3e7fbe1452ed79f0dfa188f094f1
SHA512

76c8ef1ccde3e6f857ab5db6051502e404f8edc7cbc3a7ca38f26fdc0ec83e796313fd067c2e5048e505072f5941bc74f107b2d49ac1523344c03dd1e8548953
SSDEEP

12288:whCodQClaI0QZ+rkFgRw/ODyuiwL+bby8Tej0ystW+T4zORm6:wJdQClaIBRAw/wiwLYrYY4zORm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d41dbe9a2e94111aa2832e817e5f970_JaffaCakes118

Files

0d41dbe9a2e94111aa2832e817e5f970_JaffaCakes118
.exe windows:4 windows x86 arch:x86

58f615e756e385fb1bdc1804b2ea5f06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateEnhMetaFileW
PtVisible

advapi32

RegSetValueExW
CryptCreateHash
RegOpenKeyA
RegCreateKeyW
RegLoadKeyA
InitiateSystemShutdownW
RegQueryInfoKeyW
AbortSystemShutdownW
CryptGetDefaultProviderA
RegCreateKeyExA
CryptEnumProvidersA
RegEnumValueA
LookupSecurityDescriptorPartsW
CryptGetDefaultProviderW
LogonUserA
CryptEnumProviderTypesW
CreateServiceW
RegReplaceKeyA

comctl32

ImageList_Add
CreateStatusWindow
ImageList_SetBkColor
ImageList_SetIconSize
ImageList_Merge
ImageList_Write
InitCommonControlsEx
CreateStatusWindowA
DrawStatusText
ImageList_DrawIndirect
CreatePropertySheetPageA
ImageList_DrawEx
CreateToolbarEx
ImageList_Copy

shell32

ExtractAssociatedIconA
DuplicateIcon
InternalExtractIconListW
ExtractIconEx

user32

DdeSetUserHandle
DdeAbandonTransaction
CreateWindowExW
EnableMenuItem
DestroyWindow
MessageBoxW
ClientToScreen
RegisterClassExA
RegisterClassA
DefWindowProcA
ShowWindow

kernel32

TlsSetValue
UnhandledExceptionFilter
QueryPerformanceCounter
EnterCriticalSection
ExitProcess
InitializeCriticalSection
IsDebuggerPresent
EnumSystemLocalesA
GetStartupInfoA
GetModuleHandleA
GetConsoleOutputCP
GetModuleFileNameA
CreateMutexA
GetPrivateProfileIntW
GetTickCount
MultiByteToWideChar
CreateFileA
GetProcAddress
VirtualAlloc
GetEnvironmentStringsW
InterlockedIncrement
IsValidLocale
WideCharToMultiByte
GetDateFormatA
HeapReAlloc
VirtualQuery
FreeLibrary
HeapFree
GetConsoleMode
GetCurrentProcessId
InterlockedExchange
GetSystemTimeAsFileTime
HeapAlloc
GetConsoleCP
FormatMessageW
OpenSemaphoreA
GetTimeFormatA
lstrcpynA
HeapDestroy
SetVolumeLabelA
SetUnhandledExceptionFilter
GetOEMCP
CreateWaitableTimerA
ReadFile
SetFilePointer
IsValidCodePage
HeapSize
Sleep
SetTimeZoneInformation
CloseHandle
GetVolumeInformationW
GetDiskFreeSpaceExW
GetTimeZoneInformation
CompareStringA
GetLocaleInfoW
InterlockedDecrement
VirtualFree
SetLastError
GetFileType
GetLastError
OpenWaitableTimerW
GetUserDefaultLCID
LoadLibraryA
LCMapStringW
GetCPInfo
GetStringTypeA
GetModuleFileNameW
SetHandleCount
LCMapStringA
GetCurrentThreadId
GetStartupInfoW
GetConsoleTitleW
RtlUnwind
DeleteFiber
FlushFileBuffers
TlsFree
GetCurrentProcess
GetEnvironmentStrings
GetLocaleInfoA
TlsAlloc
FindFirstFileExA
FreeEnvironmentStringsA
GetCurrentThread
FreeEnvironmentStringsW
SetConsoleCtrlHandler
DeleteCriticalSection
FindAtomA
LeaveCriticalSection
OpenMutexA
SetStdHandle
GetProcessHeap
SetEnvironmentVariableA
GetCommandLineW
GetCommandLineA
GetVersionExA
CreateSemaphoreW
TerminateProcess
GetExitCodeThread
HeapCreate
GetPrivateProfileIntA
WriteFile
GetStdHandle
TlsGetValue
WriteConsoleA
GetStringTypeW
GetACP
CompareStringW
WriteConsoleW

Sections

.text
Size: 593KB - Virtual size: 592KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 59KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58f615e756e385fb1bdc1804b2ea5f06

Headers

File Characteristics

Imports

gdi32

advapi32

comctl32

shell32

user32

kernel32

Sections

.text Size: 593KB - Virtual size: 592KB

.rdata Size: 59KB - Virtual size: 75KB

.data Size: 110KB - Virtual size: 109KB

.rsrc Size: 50KB - Virtual size: 49KB

.text
Size: 593KB - Virtual size: 592KB

.rdata
Size: 59KB - Virtual size: 75KB

.data
Size: 110KB - Virtual size: 109KB

.rsrc
Size: 50KB - Virtual size: 49KB