0e3c010f7b9e0b47978eb69173b2eca6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0e3c010f7b9e0b47978eb69173b2eca6_JaffaCakes118
Size

170KB
MD5

0e3c010f7b9e0b47978eb69173b2eca6
SHA1

15558afc0364fc68752ce5ad1a3fedeb42d917fb
SHA256

1dbd81a5995a6fe23b67892716760a206d46d075868008bbafdf2411023070ac
SHA512

ce9ba53f34da4ea11e269728e1e3f5ab5433bf780bddd6119a7d5bd4d20e467962c337f36d1bce6b42bdaaacf690a526d00738b86c30d31476aae289c1442ba6
SSDEEP

1536:Wa3GAe4vs4mUPQAz8JIsodzehyaQ4IArrVoR/uL4oDQTpAZ4PRrP/LXeo0nZB:724E4mUPPzG1dq4vrJoNO5OPzuo0nZB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e3c010f7b9e0b47978eb69173b2eca6_JaffaCakes118

Files

0e3c010f7b9e0b47978eb69173b2eca6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7defced76fd901a532b669e09d42ea96

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCurrentDirectoryA
Sleep
GetTempPathA
GetWindowsDirectoryA
CreateProcessA
GetSystemDirectoryA
GetCurrentDirectoryA
UnmapViewOfFile
ExitProcess
GetFileTime
CreateFileA
GetCommandLineA
MultiByteToWideChar
CreateThread
GlobalFree
GlobalAlloc
WritePrivateProfileStringA
GetComputerNameA
TerminateProcess
OpenProcess
CreateDirectoryA
LoadLibraryA
FreeLibrary
LoadResource
lstrlenA
GetModuleFileNameA
GetSystemTimeAsFileTime
SetEnvironmentVariableA
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
FlushFileBuffers
GetCurrentProcess
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
SetFileAttributesA
GetTickCount
DeleteFileA
GetModuleHandleA
GetProcAddress
GetCurrentProcessId
CreateSemaphoreA
GetLastError
FindResourceA
SizeofResource
SetStdHandle
HeapSize
ReadFile
CloseHandle
HeapReAlloc
HeapAlloc
GetVersionExA
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
WideCharToMultiByte
WriteFile
SetFilePointer
GetFileType
GetStdHandle
SetHandleCount
GetStartupInfoA
HeapFree
GetVersion
FindClose
FindNextFileA
RtlUnwind
FindFirstFileA
GetSystemTime
GetLocalTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetTimeZoneInformation

advapi32

RegQueryInfoKeyA
RegEnumValueA
GetUserNameA
RegQueryValueExA
RegDeleteValueA
RegOpenKeyA
RegSetValueExA
RegCloseKey

gdi32

GetStockObject

mpr

WNetOpenEnumA
WNetEnumResourceA
WNetCloseEnum

ole32

CoCreateInstance
CoInitialize
CoUninitialize

shell32

SHGetMalloc
SHGetPathFromIDListA
ShellExecuteA
SHGetSpecialFolderLocation

user32

GetWindowLongA
IsWindow
LoadCursorA
GetWindowTextA
UpdateWindow
ShowWindow
LoadIconA
DefWindowProcA
KillTimer
CreateWindowExA
PostQuitMessage
DispatchMessageA
TranslateMessage
GetMessageA
RegisterClassA
GetWindowTextLengthA
MessageBoxA
SetTimer
PostMessageA
EnumWindows
FindWindowA
SendMessageA

wsock32

recv
WSAStartup
WSACleanup
gethostname
htons
closesocket
connect
send
socket
gethostbyname

Sections

code
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7defced76fd901a532b669e09d42ea96

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

mpr

ole32

shell32

user32

wsock32

Sections

code Size: 164KB - Virtual size: 164KB

.rsrc Size: 1KB - Virtual size: 4KB

.avp Size: 3KB - Virtual size: 4KB

code
Size: 164KB - Virtual size: 164KB

.rsrc
Size: 1KB - Virtual size: 4KB

.avp
Size: 3KB - Virtual size: 4KB