c:\eodpdweef\mavoehda\rry\nileezc\j
Static task: static1
Behavioral task: behavioral1
Sample: 0d4cecf5a7e6e4b65a07e3c344ddc698_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 0d4cecf5a7e6e4b65a07e3c344ddc698_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 0d4cecf5a7e6e4b65a07e3c344ddc698_JaffaCakes118
Size: 592KB
MD5: 0d4cecf5a7e6e4b65a07e3c344ddc698
SHA1: 63ff9d038ae5b2a66a41219d7f4d4dedbbb3751a
SHA256: ad090584d60bc9723d72918dddde9f078f7b8620f96a82933ba036793803981f
SHA512: aa118bd3677769cbd147d674b3357e50087ba2ec34d274341e4819eb8b982a8efcf520eaeaf0d9e076b50694ea019f9ebdbdb44ef13a6defdd002e11ddb6cbe4
SSDEEP: 12288:Q0pvP54gS6zWJ3P+o7i0Vb+zWFUptogNvCqOiUWY49:Q0pnLz4P17i0bcOUptRRLUW
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0d4cecf5a7e6e4b65a07e3c344ddc698_JaffaCakes118
Files
0d4cecf5a7e6e4b65a07e3c344ddc698_JaffaCakes118.exe windows:4 windows x86 arch:x86
ee58c50aa2ad724fb80cc4c240635e05
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
advapi32
RegQueryValueA
CryptCreateHash
RegSetValueExW
LookupAccountNameA
wininet
InternetGetConnectedState
InternetFindNextFileA
ShowCertificate
InternetGetLastResponseInfoW
shell32
SHGetPathFromIDListW
SHInvokePrinterCommandW
SHEmptyRecycleBinW
SHFileOperationA
kernel32
WideCharToMultiByte
CompareStringW
EnumSystemLocalesA
GetCPInfo
EnterCriticalSection
LCMapStringW
SetConsoleOutputCP
GetOEMCP
ReadFile
GetConsoleOutputCP
VirtualQuery
GetSystemDirectoryA
GetSystemTimeAsFileTime
HeapAlloc
GetVersionExA
UnhandledExceptionFilter
GetCurrentProcessId
GetUserDefaultLCID
InterlockedExchange
lstrlenW
SetCurrentDirectoryW
WriteFile
MultiByteToWideChar
GetLocaleInfoW
TlsGetValue
RtlUnwind
GetEnvironmentStringsW
GetModuleFileNameA
CreateMutexA
ExitProcess
DeleteCriticalSection
GetFileType
GetLocaleInfoA
CreateProcessA
GetStartupInfoA
WriteConsoleW
SetEnvironmentVariableA
GetLastError
GetTimeFormatA
GlobalSize
HeapCreate
TlsFree
VirtualAlloc
GetProcessHeap
IsValidLocale
FlushFileBuffers
SetThreadPriority
GetEnvironmentStrings
SetConsoleCtrlHandler
InterlockedDecrement
GetStringTypeA
GetProcAddress
GetDateFormatA
SetFilePointer
GetConsoleMode
LoadLibraryA
FreeEnvironmentStringsA
Sleep
IsValidCodePage
CloseHandle
GetCurrentThreadId
GetExitCodeProcess
TlsAlloc
GetCurrentProcess
GetTimeZoneInformation
SetHandleCount
GetACP
OpenMutexA
HeapDestroy
HeapFree
FreeLibrary
InitializeCriticalSection
InterlockedIncrement
LCMapStringA
QueryPerformanceCounter
SetLastError
HeapSize
CreateFileA
OpenFileMappingW
WriteConsoleA
GetModuleHandleA
IsDebuggerPresent
GetConsoleCP
GetTickCount
VirtualFree
HeapReAlloc
CompareStringA
GetCommandLineA
GetStdHandle
TlsSetValue
FreeEnvironmentStringsW
GetTempFileNameW
GetStringTypeW
SetStdHandle
LeaveCriticalSection
GetCurrentThread
GetMailslotInfo
TerminateProcess
SetUnhandledExceptionFilter
comctl32
ImageList_SetIconSize
ImageList_Destroy
InitCommonControlsEx
CreateMappedBitmap
ImageList_DragLeave
ImageList_EndDrag
CreateUpDownControl
ImageList_ReplaceIcon
user32
SetWindowLongW
MessageBoxA
DdeFreeStringHandle
CreateDialogIndirectParamA
FreeDDElParam
DestroyWindow
OemToCharBuffW
DispatchMessageA
RegisterDeviceNotificationW
ShowWindow
ValidateRect
TranslateAcceleratorA
SwapMouseButton
RegisterClassA
SetCaretBlinkTime
OpenIcon
CreateMDIWindowW
DefWindowProcA
LoadIconA
PostThreadMessageW
IsCharLowerW
RegisterClassExA
GetWindowThreadProcessId
CreateWindowExW
UnionRect
ReplyMessage
GetKeyboardLayoutList
ArrangeIconicWindows
comdlg32
PageSetupDlgA
ChooseFontA
GetSaveFileNameW
Sections
.text Size: 180KB - Virtual size: 179KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 242KB - Virtual size: 241KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 118KB - Virtual size: 127KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 50KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ