0db63766b3f820d1c20881d75e0e01c1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0db63766b3f820d1c20881d75e0e01c1_JaffaCakes118
Size

127KB
MD5

0db63766b3f820d1c20881d75e0e01c1
SHA1

4705828279cf168d12ac6bb2cef5a8314879d115
SHA256

9367bc80ca1a663579e6574d1051d4370237dc5bee47f0c94858376b7636a798
SHA512

0f09d813e0cd7eb64fa9eec3d02a258a1d53ecaadcff264a58c6d6bc3210de636ff8c02713d26e67c2a696fb302686e2d56a3f5d4b234adbf4be3dd3bf07bc9f
SSDEEP

1536:wG81MhS3ff+Yfhz9i2Jtzzu3gXlqComdJclLyapa5ep8aSRzA2oc8Gv2gDTYxy03:wGsOYfnjJtzzt4uv8KCfbgqwgYg9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0db63766b3f820d1c20881d75e0e01c1_JaffaCakes118

Files

0db63766b3f820d1c20881d75e0e01c1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3338c692a9fe47a217dec9b16957d55f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetLastActivePopup
CheckMenuItem
ModifyMenuW
ReleaseDC
GetSystemMetrics
GetMenuCheckMarkDimensions
LoadBitmapW
MessageBoxW
GetSysColor
GetWindowLongW
GetWindowTextW
LoadCursorW
GetParent
EnableMenuItem
IsWindowEnabled
EnableWindow
GetDC
GetSysColorBrush

kernel32

GetShortPathNameW
GetTickCount
HeapReAlloc
HeapDestroy
GetStartupInfoA
LCMapStringW
TerminateProcess
GetModuleFileNameA
QueryPerformanceCounter
SetHandleCount
GetStringTypeW
VirtualProtect
IsBadReadPtr
GetStringTypeA
RtlUnwind
GetCommandLineA
GetProcessAffinityMask
LCMapStringA
GetStdHandle
GetCurrentProcessId
GetEnvironmentStringsW
HeapAlloc
VirtualQuery
WriteFile
GetCPInfo
GetFileType
VirtualAlloc
EnumResourceTypesW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapFree
GetSystemTimeAsFileTime
GetFileAttributesA
GetEnvironmentStrings
GetCurrentProcess
FlushFileBuffers
FreeEnvironmentStringsW
GetOEMCP
HeapSize
IsBadCodePtr
SetFilePointer
IsBadWritePtr
HeapCreate
SetStdHandle
GetSystemInfo
VirtualFree
ExitProcess

shell32

SHGetSpecialFolderPathW

gdi32

SelectObject
ExtTextOutW
TextOutW
SetViewportOrgEx
RestoreDC
SetMapMode
RectVisible
DeleteDC
GetDeviceCaps
SaveDC
GetClipBox
OffsetViewportOrgEx
PtVisible
ScaleWindowExtEx
ScaleViewportExtEx
SetTextColor
DeleteObject
SetWindowExtEx
Escape
SetBkColor
CreateBitmap
SetViewportExtEx
GetStockObject

ole32

CoCreateInstance
CoUninitialize
CoInitialize

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

shlwapi

PathFileExistsW
PathAppendW
PathFindFileNameW
PathFindExtensionW

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3338c692a9fe47a217dec9b16957d55f

Headers

File Characteristics

Imports

user32

kernel32

shell32

gdi32

ole32

advapi32

winspool.drv

shlwapi

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 63KB - Virtual size: 62KB

.tls Size: 1024B - Virtual size: 104KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 63KB - Virtual size: 62KB

.tls
Size: 1024B - Virtual size: 104KB