0e3c4c446ae904f50c957372c613f784_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0e3c4c446ae904f50c957372c613f784_JaffaCakes118
Size

215KB
MD5

0e3c4c446ae904f50c957372c613f784
SHA1

0544d714c83c3f72c19b52451f766d16e7fcf395
SHA256

3a82bc937f5429de1163564b998638ef495a9c8ce56a88ad9bd8f6ecf4a3e86d
SHA512

3b36eee4f45b7385306770335bd168177be311f91cf07d23633d87be647e445176f8ff5a47773d0af044973432f3051783ec0be424d86e1f2b1eb85c588489d1
SSDEEP

3072:CeFvK6R7tKzFJlXDRgzgaWiamxa9kTuW1/WYrhk23oNb4Y03f43Rx1dWUcQesM:CyvJ7tSN1gJpxdZWWhk23oxH0U1di

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e3c4c446ae904f50c957372c613f784_JaffaCakes118

Files

0e3c4c446ae904f50c957372c613f784_JaffaCakes118
.exe windows:1 windows x86 arch:x86

cd45f295edcb8c8e451637b00e83d120

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
Module32Next
FindFirstFileA
FlushFileBuffers
SetLastError
GetACP
LockResource
ResumeThread
GetNumberFormatA
SetEndOfFile
LeaveCriticalSection
GetTimeFormatA
GetThreadContext
GetSystemInfo
PulseEvent
TlsFree
GlobalUnlock
lstrcpyA
TlsSetValue
SetUnhandledExceptionFilter
GetModuleFileNameA
DuplicateHandle
LocalFree
FileTimeToSystemTime
CreateEventA
GetEnvironmentStringsW
ReadFile
lstrcpynA
GetVersionExA
GetFileTime
IsDebuggerPresent
lstrlenW
GetCurrentProcessId
GetFileType
HeapAlloc
IsBadStringPtrA
WideCharToMultiByte
SearchPathA
GetEnvironmentStrings
WaitForSingleObject
FormatMessageA
LocalAlloc
HeapCreate
DeleteFileA
LCMapStringA
TlsAlloc
WriteFile
WriteConsoleW
ReadProcessMemory
FindClose
SizeofResource
InterlockedDecrement
GetTickCount
CloseHandle
VirtualAlloc
GetOEMCP
GetStartupInfoA
GetStringTypeA
SetEnvironmentVariableA
GlobalReAlloc
LCMapStringW
FindResourceA
DeleteCriticalSection
InterlockedIncrement
FreeEnvironmentStringsA
GetProcessHeap
GetConsoleMode
CreateFileMappingA
GetModuleHandleW
MapViewOfFile
GetExitCodeThread
GetCPInfo
UnmapViewOfFile
lstrcmpA
GetProcessWorkingSetSize
HeapFree
LoadLibraryW
WaitForMultipleObjects
OpenEventA
GlobalMemoryStatus
UnhandledExceptionFilter
GetCommandLineW
GetProcAddress
lstrlenA
FreeLibrary
GetModuleHandleA
MultiByteToWideChar
GlobalAddAtomA
SetProcessWorkingSetSize
DeviceIoControl
FileTimeToLocalFileTime
InterlockedExchange
GetSystemDirectoryA
GetCurrentThreadId
SetErrorMode
GetLocaleInfoA
ExitProcess
SetThreadAffinityMask
GetCommandLineA
CreateThread
GetFileAttributesA
TerminateThread
SetPriorityClass
GetCurrentThread
CreateToolhelp32Snapshot
GetCurrentDirectoryA
LoadLibraryA
GetProcessAffinityMask
GetCurrentProcess
OpenProcess
TlsGetValue
QueryPerformanceFrequency
IsValidCodePage
IsBadReadPtr
GetConsoleCP
EnterCriticalSection

user32

LoadImageA
SetPropA
DeferWindowPos
PostQuitMessage
EndDialog
DefWindowProcA
GetSysColorBrush
ReleaseCapture
KillTimer
SetMenuItemInfoA
GetDlgItemTextA
GetSystemMetrics
PtInRect
DrawTextA
EmptyClipboard
CreatePopupMenu
UnionRect
UpdateWindow
GetDlgItem
DrawFrameControl
ExitWindowsEx
GetDlgCtrlID
CheckDlgButton
PeekMessageA
IntersectRect
FillRect
DispatchMessageA
RegisterWindowMessageA
SetWindowPlacement
GetPropA
GetDoubleClickTime
IsWindowVisible
LoadIconA
OpenClipboard
FindWindowExA
GetMenuItemCount
CheckMenuRadioItem
GetSysColor
GetUpdateRgn
ChildWindowFromPoint
IsZoomed
CallWindowProcA
SendMessageA
EnableMenuItem
TranslateMessage
GetMenu
EndDeferWindowPos
SetWindowTextA
GetWindowThreadProcessId
ClientToScreen
OffsetRect
GetCapture
DestroyIcon
BeginPaint
GetWindowRect
CloseClipboard
GetUserObjectSecurity
InvalidateRgn
InsertMenuA
ScrollWindowEx
MoveWindow
CreateDialogParamA
ModifyMenuA
SetWindowPos
GetWindowLongA
WindowFromPoint
SetCursor
ReleaseDC
LoadStringA
IsIconic
InvalidateRect
SetCapture
MsgWaitForMultipleObjects
FindWindowA
DefMDIChildProcA
EndPaint
SystemParametersInfoA
IsDlgButtonChecked
AppendMenuA
GetWindowPlacement
TrackPopupMenuEx
DialogBoxIndirectParamA
SetDlgItemTextA
GetMessageA
EnableWindow
GetFocus
RegisterClassExA
wsprintfA
FrameRect
InflateRect
SendMessageTimeoutA
GetClassLongA
GetClassNameA
SetTimer
LoadMenuA
GetParent
MapWindowPoints
LoadAcceleratorsA
IsDialogMessageA
MessageBoxA
SetUserObjectSecurity
EnumChildWindows
CreateWindowExA
GetWindow
CheckRadioButton
DrawIconEx
DefDlgProcA
DestroyWindow
TranslateAcceleratorA
GetCursorPos
GetScrollInfo
GetMenuItemID
CopyRect
DrawMenuBar
SetWindowLongA
EnumWindows
ScreenToClient
TrackPopupMenu
CreateIconIndirect
GetKeyState

msvcrt

_XcptFilter
memcpy
_initterm
exit
__p__fmode
__setusermatherr
_exit
_adjust_fdiv
_controlfp
__set_app_type
_except_handler3
__p__commode
__getmainargs
_acmdln

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 183KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 162B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd45f295edcb8c8e451637b00e83d120

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

Sections

.text Size: 29KB - Virtual size: 29KB

.rdata Size: 183KB - Virtual size: 182KB

.data Size: 512B - Virtual size: 162B

.rsrc Size: 512B - Virtual size: 164B

.text
Size: 29KB - Virtual size: 29KB

.rdata
Size: 183KB - Virtual size: 182KB

.data
Size: 512B - Virtual size: 162B

.rsrc
Size: 512B - Virtual size: 164B