0d7d2722ab2712f6789f723cba6f23a9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0d7d2722ab2712f6789f723cba6f23a9_JaffaCakes118
Size

680KB
MD5

0d7d2722ab2712f6789f723cba6f23a9
SHA1

c7534dd8d60790f712b99563ff9b1908bf179f75
SHA256

43bcaae48aebf25852fb076a6b7065f0999154a3f3b3d2d46ff25b31c0f6304f
SHA512

66edb979d7cade7e2fda1d7900ed62bbb3d44b4dbfc60fcbc8722a16b3d8d2f0028d2aface55e30daec808da9f7a7732a2d827ea8e45949b9188263e2c00e399
SSDEEP

12288:vMxgS0ubCbtJF4USZdkhm72D38H5QzNkTVcV1bvB9:vMFdCbtHSZqA7O3cwNgVcV1r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d7d2722ab2712f6789f723cba6f23a9_JaffaCakes118

Files

0d7d2722ab2712f6789f723cba6f23a9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ae65fa7015b6e175f696cb7f2d61ca0e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\qfmye\eele\xzqefmroh\ajveltoee\galonyobte\oootezkoo.pdb

Imports

kernel32

DebugActiveProcess
GetTimeFormatA
GetFileAttributesW
EnterCriticalSection
GetCurrentThread
SetEnvironmentVariableA
GetPrivateProfileStringA
LoadLibraryW
CreateMutexA
CompareFileTime
GetTimeZoneInformation
VirtualQuery
GetTempPathW
GetThreadPriority
FindFirstFileExA
GetFileType
LocalReAlloc
CloseHandle
CreateMailslotA
SetConsoleMode
GetProcAddress
GetConsoleTitleW
LeaveCriticalSection
GetCPInfo
DeleteCriticalSection
ExitThread
FindAtomW
GetStringTypeExA
MultiByteToWideChar
VirtualProtect
OpenMutexA
GetExitCodeProcess
FlushViewOfFile
FoldStringW
HeapFree
GetCommandLineW
LoadLibraryA
ExitProcess
EnumResourceNamesA
EnumTimeFormatsW
GetSystemTimeAsFileTime
HeapReAlloc
HeapCreate
FreeEnvironmentStringsW
LCMapStringW
LoadResource
UnhandledExceptionFilter
GetProfileStringA
LocalUnlock
GetEnvironmentVariableA
GetLastError
WideCharToMultiByte
GetEnvironmentStrings
IsValidLocale
GetSystemInfo
SetStdHandle
SetFilePointer
GetFileAttributesExW
GetSystemTimeAdjustment
EnumDateFormatsA
SetLastError
TlsFree
EnumSystemLocalesA
GlobalAddAtomA
CommConfigDialogW
VirtualFree
EnumCalendarInfoW
HeapDestroy
SetConsoleCP
SetThreadLocale
GetModuleFileNameW
GetOEMCP
FlushFileBuffers
LCMapStringA
LockFileEx
FreeEnvironmentStringsA
SetUnhandledExceptionFilter
GetStartupInfoW
GetACP
HeapAlloc
SetHandleCount
GetModuleFileNameA
GetStdHandle
GetShortPathNameW
GetCurrentProcessId
SetWaitableTimer
lstrcatA
lstrcat
GetCurrentProcess
GetStartupInfoA
GetStringTypeW
TlsGetValue
FillConsoleOutputAttribute
GetModuleHandleW
GetLocaleInfoW
InterlockedExchange
QueryPerformanceCounter
GetCommandLineA
HeapSize
GetTickCount
CreatePipe
GetEnvironmentStringsW
GetDateFormatA
GetVolumeInformationA
lstrcmp
GetCurrencyFormatW
SetConsoleActiveScreenBuffer
ReadFile
IsBadWritePtr
GetCurrentThreadId
GetEnvironmentVariableW
GlobalReAlloc
CompareStringA
GetSystemTime
InitializeCriticalSection
GetModuleHandleA
ReadConsoleA
GetPrivateProfileStructA
WriteProfileStringA
SetLocaleInfoA
GlobalAddAtomW
TerminateProcess
CompareStringW
GlobalLock
GetUserDefaultLCID
RtlUnwind
GetStringTypeA
CreateFileMappingA
MoveFileA
WriteFile
TlsAlloc
IsValidCodePage
VirtualAlloc
GetLocaleInfoA
GlobalGetAtomNameW
GetPrivateProfileSectionNamesW
TlsSetValue
GetVersionExA
AddAtomA

comctl32

InitCommonControlsEx
ImageList_BeginDrag
CreateToolbar
ImageList_LoadImageA
CreateStatusWindowW

user32

GetWindowRgn
TileChildWindows
EnumDisplaySettingsA
DlgDirListW
OffsetRect
EmptyClipboard
CreateCaret
MessageBoxW
RegisterClassA
DrawStateA
CallMsgFilterW
DefDlgProcA
LoadMenuIndirectA
GetMenuCheckMarkDimensions
EditWndProc
GetIconInfo
RegisterClipboardFormatW
GetAltTabInfo
TabbedTextOutA
DestroyWindow
DefWindowProcW
EnableMenuItem
GetSysColorBrush
GetDCEx
GetMessageExtraInfo
LoadMenuW
RegisterClassExA
BeginDeferWindowPos
GetMenuState
ExcludeUpdateRgn
GetScrollPos
ToUnicode
ShowScrollBar
CreateDialogIndirectParamA
EnumPropsA
EnumWindows
GetClassInfoExW
CreateWindowExA
ShowWindow
MsgWaitForMultipleObjects
GetCursorInfo
DefFrameProcW
LoadStringA
DefDlgProcW
CopyRect
DestroyAcceleratorTable
RemovePropW
DdeClientTransaction

Sections

.text
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae65fa7015b6e175f696cb7f2d61ca0e

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

user32

Sections

.text Size: 168KB - Virtual size: 166KB

.rdata Size: 260KB - Virtual size: 257KB

.data Size: 108KB - Virtual size: 113KB

.rsrc Size: 140KB - Virtual size: 138KB

.text
Size: 168KB - Virtual size: 166KB

.rdata
Size: 260KB - Virtual size: 257KB

.data
Size: 108KB - Virtual size: 113KB

.rsrc
Size: 140KB - Virtual size: 138KB