0d79812fc00fd46a0e79abcdaae34b05_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0d79812fc00fd46a0e79abcdaae34b05_JaffaCakes118
Size

624KB
MD5

0d79812fc00fd46a0e79abcdaae34b05
SHA1

462ad2cf7da2681eb2329ab3f1b2d2c2e2e80130
SHA256

43072a7eae80dd14e9a3857c90503670aecaf85344996845957f7130ecad1d87
SHA512

cb8c69f469eec384fcf4af4079e416dc5f2fd24183874e4cbdaac181c6b5af2c2a72b33a6ef6f2d3f9644d286b7fa986331314bb1471f7d7bce5925a5d64d0d1
SSDEEP

12288:vS1ibjXkXZ9OzdzUKcTi8WTNfyMifdeyWplOVPDFFt+5xcHGvpK/0AwxPy:RfXYSUe8WTNealgE5xbvw/f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d79812fc00fd46a0e79abcdaae34b05_JaffaCakes118

Files

0d79812fc00fd46a0e79abcdaae34b05_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fef5217787c2ca345ce3068a41c4eede

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetDeviceCaps
DeleteObject
GetStockObject
SetBkColor
SelectObject

kernel32

GetACP
lstrcpynA
FindNextFileW
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
GetCurrentThread
InterlockedCompareExchange
GetCommandLineA
HeapSize
GetCPInfo
GetCommandLineW
LockResource
GetCurrentProcessId
GetEnvironmentStrings
FileTimeToLocalFileTime
VirtualFree
GetShortPathNameA
lstrlenW
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
FindResourceW
GetConsoleCP
GlobalFree
lstrlenA
GetSystemInfo
UnmapViewOfFile
GetLastError
LeaveCriticalSection
ExitProcess
TlsSetValue
GetFileType
CreateEventA
CreateFileW
Sleep
GetTimeZoneInformation
WaitForMultipleObjects
DuplicateHandle
FindNextFileA
CreateFileMappingA
ResetEvent
FindFirstFileA
lstrcmpA
CompareStringW
GetProcessHeap
GetProcAddress
DeleteFileW
GetEnvironmentVariableA
GetWindowsDirectoryA
DeleteFileA
CreateDirectoryA
LCMapStringW
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
GetTickCount
QueryPerformanceCounter
SetEvent
LoadLibraryW
CompareStringA
GlobalLock
EnterCriticalSection
HeapFree
CloseHandle
WriteConsoleW
InterlockedIncrement
GetCurrentThreadId
SetEndOfFile
CreateEventW
GetConsoleMode
GlobalAlloc
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
MulDiv
SetUnhandledExceptionFilter
CreateThread
GetModuleHandleA
CreateMutexA
GetLocalTime
MultiByteToWideChar
LoadLibraryExW
UnhandledExceptionFilter
GetPrivateProfileStringA
LoadLibraryExA
lstrcmpiW
GetModuleFileNameA
InterlockedExchange
FlushFileBuffers
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
InterlockedDecrement
SetLastError
FormatMessageA
TlsGetValue
FindClose
LoadResource
InitializeCriticalSection
GetExitCodeProcess
FormatMessageW
LocalFree
FreeLibrary
GetFullPathNameA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
WriteFile
GetStringTypeA
WideCharToMultiByte
lstrcmpiA
GetTempPathA
SetStdHandle
FreeEnvironmentStringsW
SetErrorMode
CreateFileA
LocalAlloc
GetLocaleInfoA
GetStartupInfoW
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapDestroy
FindFirstFileW
GetDriveTypeA
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
GetModuleHandleW
GetVersion
HeapCreate
CreateProcessW
FindResourceA
VirtualAlloc
GetOEMCP
SetHandleCount

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

user32

SetDlgItemTextA
ReleaseDC
SetForegroundWindow
GetDesktopWindow
TrackPopupMenu
LoadIconA
LoadCursorA
ClientToScreen
GetDlgItem
GetSubMenu
SetWindowTextA
EndDialog
SetWindowLongA
SetCapture
GetWindowRect
GetSystemMetrics
DefWindowProcA
BeginPaint
PeekMessageA
SetFocus
FillRect
CreateWindowExA
GetWindowLongA
MessageBoxA
IsIconic
LoadStringA
IsWindowEnabled
TranslateMessage
EnableWindow
ShowWindow
UpdateWindow
GetParent
GetMessageA
DestroyWindow
GetKeyState
ScreenToClient
SendMessageA
UnregisterClassA
GetCursorPos
GetDC
DispatchMessageA
IsWindow
SetWindowPos
PostQuitMessage
DialogBoxParamA
GetSysColor
SetCursor
GetFocus
CallWindowProcA
PostMessageA
SystemParametersInfoA
EnableMenuItem
IsWindowVisible
InvalidateRect
RegisterClassA
GetClientRect
wsprintfA

ole32

CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance

oleaut32

SysStringLen
VariantClear
SysAllocStringLen
SysFreeString
SysAllocString

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExW
RegQueryValueExA
RegSetValueExW
RegDeleteKeyA

msvcrt

_exit
_cexit

Sections

iiqmsyq
Size: 620KB - Virtual size: 616KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fef5217787c2ca345ce3068a41c4eede

Headers

File Characteristics

Imports

gdi32

kernel32

version

user32

ole32

oleaut32

advapi32

msvcrt

Sections

iiqmsyq Size: 620KB - Virtual size: 616KB

.bss Size: - Virtual size: 1KB

iiqmsyq
Size: 620KB - Virtual size: 616KB

.bss
Size: - Virtual size: 1KB