0d500db301d074bb0ca587a88d4425d6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0d500db301d074bb0ca587a88d4425d6_JaffaCakes118
Size

640KB
MD5

0d500db301d074bb0ca587a88d4425d6
SHA1

dba89d03a181ab4c2e089927efdfacabdb69b573
SHA256

2ef1870a58363c2a2971c8ed0b4d334abc145c396fcdb85f3d416258c5e2917e
SHA512

b8dd242d537e79168599501040d5310c56bc47aa1d364b152be7fcdd4b89ceece26769591d71456e55b767316fc2e69d0e8d4a9ba536fc528b24c07391e1de01
SSDEEP

12288:yZlSBOsUTq+pFMT9fnq4vQ4U69Hb+NMyVtaAx9:yZlCftXpvqRJ69Hb+OyVta49

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d500db301d074bb0ca587a88d4425d6_JaffaCakes118

Files

0d500db301d074bb0ca587a88d4425d6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e3f55e6e3840cebd83f182cba7b746fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumSystemLocalesA
EnterCriticalSection
IsValidCodePage
GetStringTypeExA
GetCurrentThreadId
IsValidLocale
GetPrivateProfileSectionA
CompareStringW
SetEnvironmentVariableA
SetLocalTime
ReadConsoleOutputW
InterlockedIncrement
FreeEnvironmentStringsW
LeaveCriticalSection
GetCommandLineA
MapViewOfFileEx
SetStdHandle
GetSystemInfo
TerminateProcess
LCMapStringW
TlsFree
CreateRemoteThread
FormatMessageA
AddAtomA
WritePrivateProfileStringA
GetFileAttributesA
GetLastError
InterlockedDecrement
DebugBreak
GetEnvironmentStringsW
ReadConsoleInputW
GetLocaleInfoA
FreeEnvironmentStringsA
GetTimeFormatW
WaitForMultipleObjectsEx
CreateWaitableTimerW
GetCurrencyFormatA
VirtualFreeEx
GlobalUnlock
GetCPInfo
MultiByteToWideChar
WriteFile
InterlockedExchange
ReadFile
VirtualFree
GetCurrentThread
GetStringTypeW
VirtualProtect
GetModuleFileNameA
lstrcmpiW
EnumCalendarInfoExW
GetStartupInfoA
GetModuleHandleA
VirtualAlloc
ReadConsoleW
DeleteCriticalSection
LoadLibraryA
GetSystemTimeAsFileTime
GetVersionExA
SleepEx
GetVolumeInformationW
GetDiskFreeSpaceW
HeapValidate
HeapAlloc
SetConsoleCtrlHandler
HeapCreate
GetThreadTimes
GetSystemTime
GetTimeFormatA
GetProcAddress
GetModuleHandleW
SetLastError
GetOEMCP
LCMapStringA
VirtualQuery
GetFileType
lstrcpynW
HeapReAlloc
GetPrivateProfileSectionNamesA
IsBadWritePtr
InitializeCriticalSection
SetFilePointer
SetConsoleCP
GetStdHandle
GetLongPathNameA
CreateMutexA
GetStringTypeA
GetSystemDefaultLangID
RtlUnwind
GetUserDefaultLCID
GetEnvironmentStrings
QueryPerformanceCounter
SetHandleCount
GetACP
ExitProcess
EnumDateFormatsW
HeapDestroy
HeapFree
LocalAlloc
IsBadReadPtr
CompareStringA
TlsSetValue
FreeLibraryAndExitThread
FlushFileBuffers
TlsAlloc
WideCharToMultiByte
GetCurrentProcessId
GlobalSize
SetSystemTime
TlsGetValue
GetTickCount
UnhandledExceptionFilter
OpenFile
CloseHandle
OutputDebugStringA
GetDateFormatA
LoadLibraryExW
MoveFileA
GetTimeZoneInformation
OpenMutexA
GetComputerNameW
GetCurrentProcess
GetLocaleInfoW
GetSystemTimeAdjustment
FileTimeToLocalFileTime

comctl32

ImageList_SetBkColor
CreatePropertySheetPageW
ImageList_DrawEx
DrawStatusTextW
ImageList_SetFlags
ImageList_AddIcon
ImageList_GetImageCount
ImageList_Draw
ImageList_Merge
ImageList_LoadImageW
ImageList_AddMasked
InitCommonControlsEx
ImageList_GetBkColor
ImageList_GetImageInfo
ImageList_DragLeave
DrawStatusTextA
ImageList_LoadImageA

user32

ShowWindow
CreateIconFromResourceEx
MonitorFromRect
LoadAcceleratorsA
RegisterClassA
GetClipboardFormatNameA
GetMenuStringA
DdeQueryStringA
DlgDirSelectComboBoxExW
CloseWindow
DefFrameProcA
RegisterClassW
GetComboBoxInfo
CallMsgFilterW
EnumClipboardFormats
ReleaseDC
RemovePropA
CheckDlgButton
DrawCaption
CreateWindowExW
SetCaretPos
DestroyWindow
MessageBeep
LoadImageW
DrawStateW
InvalidateRgn
DdeSetQualityOfService
GetWindowRect
MapDialogRect
MessageBoxA
DestroyMenu
DdeFreeDataHandle
CharUpperBuffA
SystemParametersInfoA
BlockInput
OemToCharBuffA
FlashWindow
InSendMessageEx
GetForegroundWindow
BringWindowToTop
WINNLSGetIMEHotkey
DragDetect
CreateDialogParamA
DlgDirListA
CharToOemW
EnumDisplaySettingsExA
GetClassInfoA
IsDialogMessageW
TabbedTextOutA
DdeCreateDataHandle
GetUpdateRect
RegisterClassExA
DlgDirSelectComboBoxExA
ChangeDisplaySettingsExA
MapVirtualKeyExW
FindWindowW
DefWindowProcW
SendDlgItemMessageA
DialogBoxIndirectParamW
SetClassLongW
EnumDisplaySettingsA
SetDlgItemInt
GetMenuItemRect
ModifyMenuW
MoveWindow

shell32

DragQueryFile
RealShellExecuteExA
ExtractAssociatedIconExA
SHEmptyRecycleBinW
ExtractAssociatedIconExW

Sections

.text
Size: 230KB - Virtual size: 229KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 115KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3f55e6e3840cebd83f182cba7b746fc

Headers

File Characteristics

Imports

kernel32

comctl32

user32

shell32

Sections

.text Size: 230KB - Virtual size: 229KB

.rdata Size: 248KB - Virtual size: 248KB

.data Size: 115KB - Virtual size: 121KB

.rsrc Size: 46KB - Virtual size: 45KB

.text
Size: 230KB - Virtual size: 229KB

.rdata
Size: 248KB - Virtual size: 248KB

.data
Size: 115KB - Virtual size: 121KB

.rsrc
Size: 46KB - Virtual size: 45KB