0dc3d70062e6337d36819efd0fb5b601_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0dc3d70062e6337d36819efd0fb5b601_JaffaCakes118
Size

260KB
MD5

0dc3d70062e6337d36819efd0fb5b601
SHA1

23f069178a92bcce440403f0d634a46e4ea23cad
SHA256

78c8554495985ef173b2ba291bffc7c0eac79ebe13b319b95cbf55024f53ff0a
SHA512

6aec3288eca993a91d5936726e5b6cc100c2480d5890fcf172b7ed054ab30e0a164aad545ad579683a86d38b48464f7312ecf1cbc96fdaa446d391c9a0377f2d
SSDEEP

6144:PKYL7TUAttexdQ1Fvu0wSkCu7RZ57lZwwwn+ni0Kt:BL7Tvt2QfvlyVZ5Zewwnqi0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0dc3d70062e6337d36819efd0fb5b601_JaffaCakes118

Files

0dc3d70062e6337d36819efd0fb5b601_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1c130293aa1bf0cc1af85a35b31de041

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
HeapSize
GetPrivateProfileSectionA
ReadConsoleOutputW
GetTimeFormatA
EnumSystemLocalesA
HeapAlloc
LoadLibraryA
VirtualFree
SetLastError
CompareStringA
CommConfigDialogW
EnterCriticalSection
GetEnvironmentStrings
TlsSetValue
UnhandledExceptionFilter
GetCurrentThread
GetVersionExA
HeapCreate
CompareStringW
TlsFree
GetLocaleInfoA
HeapDestroy
GetLocaleInfoW
WritePrivateProfileStringW
InterlockedIncrement
WriteFile
GetUserDefaultLCID
GetProcAddress
FreeEnvironmentStringsW
GetTimeZoneInformation
HeapFree
GetLongPathNameW
GetLastError
OpenMutexW
IsDebuggerPresent
VirtualQuery
SetHandleCount
IsValidCodePage
Sleep
GetDateFormatA
IsValidLocale
WideCharToMultiByte
GetStringTypeW
HeapReAlloc
SetEnvironmentVariableA
ExitProcess
FreeEnvironmentStringsA
DeleteCriticalSection
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
LeaveCriticalSection
GetModuleHandleA
GetStartupInfoA
LCMapStringA
LCMapStringW
GetCurrentThreadId
TlsAlloc
InitializeCriticalSection
GetFileType
GetStdHandle
GetCurrentProcessId
GetModuleFileNameA
MultiByteToWideChar
GetEnvironmentStringsW
TryEnterCriticalSection
GetTickCount
InterlockedDecrement
GetCPInfo
GetProcessHeap
TlsGetValue
SetUnhandledExceptionFilter
RtlUnwind
GetOEMCP
GetSystemTimeAsFileTime
InterlockedExchange
SetConsoleCtrlHandler
GetACP
FreeLibrary
GetStringTypeA

gdi32

GetSystemPaletteEntries
GetBkColor
GetTextExtentExPointW
SetICMProfileW
SetStretchBltMode
CreateDIBSection
GetCharWidth32W
GetColorAdjustment
EndDoc
Polygon
SetBoundsRect
CreateDCW
CloseMetaFile
DrawEscape
GetCharacterPlacementA
GetCharWidthW
ChoosePixelFormat
CreateICA
BeginPath
SetViewportOrgEx
ExtCreateRegion
FloodFill

user32

SetWindowsHookW

comdlg32

PrintDlgA

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 139KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c130293aa1bf0cc1af85a35b31de041

Headers

File Characteristics

Imports

kernel32

gdi32

user32

comdlg32

Sections

.text Size: 110KB - Virtual size: 110KB

.data Size: 139KB - Virtual size: 143KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 110KB - Virtual size: 110KB

.data
Size: 139KB - Virtual size: 143KB

.rsrc
Size: 9KB - Virtual size: 9KB