0dd3dbc4a53d9a5bcadbff6015b90c5d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0dd3dbc4a53d9a5bcadbff6015b90c5d_JaffaCakes118
Size

211KB
MD5

0dd3dbc4a53d9a5bcadbff6015b90c5d
SHA1

8ee1dbdc36be57f4356b17ba6211c4d5d84cd034
SHA256

df166a7fefb8677b7037e793a6aba464aa6f60756cacf679bd8dfe1136d7c291
SHA512

3b1fd508032ebc21a9e0f2896e25d9ac36be77073394db8f674b2d15ba16759064a8050cbce3365ca12700facbcdc1d806f718084e63fe2dffa4389c46dd6472
SSDEEP

3072:pubtHp1Zh47yFl1qZpq2kKHHNHlT5NRZVFBvK3pNQLcKMwT1gTSJVGQIEZh:KHp1gM1qZpq2pFFHZVFtK5WLJf3JV19b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0dd3dbc4a53d9a5bcadbff6015b90c5d_JaffaCakes118

Files

0dd3dbc4a53d9a5bcadbff6015b90c5d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d586db4e1a2e6f16241d5045b68850cd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToLocalFileTime
FindFirstFileA
FindNextFileW
FreeEnvironmentStringsA
GetACP
GetCurrentDirectoryA
GetCurrentThread
GetEnvironmentVariableA
GetFileAttributesA
GetFileSize
GetFileType
GetModuleHandleW
GetProcessHeap
GetStartupInfoW
GetStringTypeExA
GetSystemDefaultLCID
GlobalDeleteAtom
LeaveCriticalSection
LocalFree
MapViewOfFile
MulDiv
ReadFile
SetCurrentDirectoryA
SetFilePointer
TlsAlloc
WaitForSingleObject

comctl32

CreatePropertySheetPageA
CreatePropertySheetPageW
CreateStatusWindowA
CreateToolbarEx
ImageList_Add
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragLeave
ImageList_Draw
ImageList_EndDrag
ImageList_GetIcon
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_LoadImageA
ImageList_LoadImageW
ImageList_SetDragCursorImage
ImageList_SetOverlayImage
InitCommonControlsEx
PropertySheetA
PropertySheetW

shell32

DragFinish
DragQueryFileA
DragQueryFileW
ExtractIconW
SHBindToParent
SHCreateDirectoryExA
SHFileOperationW
SHGetFileInfoA
SHGetFileInfoW
SHGetSettings
SHGetSpecialFolderLocation
ShellExecuteA
ShellExecuteEx
ShellExecuteW

advapi32

CloseServiceHandle
CopySid
CryptAcquireContextA
CryptGenRandom
DeleteService
DeregisterEventSource
FreeSid
GetTokenInformation
InitializeAcl
InitializeSecurityDescriptor
IsValidSid
OpenSCManagerA
RegDeleteValueW
RegEnumKeyA
RegFlushKey
RegQueryValueExA
RevertToSelf
SetSecurityDescriptorDacl

user32

AdjustWindowRectEx
BeginPaint
CloseClipboard
CreateMenu
DrawMenuBar
DrawTextA
EqualRect
GetDC
GetPropA
GetScrollInfo
IsIconic
IsZoomed
LoadCursorA
LoadStringA
MessageBeep
RegisterWindowMessageA
ReleaseCapture
SetActiveWindow
WinHelpA
wsprintfA

gdi32

Chord
CopyMetaFileW
CreateDIBitmap
CreateMetaFileW
CreateRectRgn
EnumEnhMetaFile
ExcludeClipRect
FillRgn
FrameRgn
GdiFlush
GetCurrentObject
GetEnhMetaFileDescriptionA
GetPixel
GetTextCharsetInfo
GetWindowOrgEx
LineTo
OffsetRgn
PatBlt
PolyDraw
SaveDC
ScaleWindowExtEx
SetDIBitsToDevice
SetTextJustification
StretchBlt

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

5xmCqaGZ
Size: 512B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d586db4e1a2e6f16241d5045b68850cd

Headers

File Characteristics

Imports

kernel32

comctl32

shell32

advapi32

user32

gdi32

Sections

.text Size: 89KB - Virtual size: 88KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 99KB - Virtual size: 99KB

.rsrc Size: 18KB - Virtual size: 17KB

5xmCqaGZ Size: 512B - Virtual size: 120KB

.text
Size: 89KB - Virtual size: 88KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 99KB - Virtual size: 99KB

.rsrc
Size: 18KB - Virtual size: 17KB

5xmCqaGZ
Size: 512B - Virtual size: 120KB