0e81cdf66bc1e3c76f370b681deb8f82_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0e81cdf66bc1e3c76f370b681deb8f82_JaffaCakes118
Size

222KB
MD5

0e81cdf66bc1e3c76f370b681deb8f82
SHA1

9300974759aa77b1ff3ce5a67d8c439af8593560
SHA256

eb7d580b9ffb746b47fc1d4d0e1491982bd160e2b08ac0e5c03e3fdbc28a9f09
SHA512

303d8d8572a49b7adbb522538f4b450a5ac6b5d8be320626f822991bd4e373d25767f661356d4e66036a558a5511542fda66734ddf45dbb52da5ec7ddc7306da
SSDEEP

3072:sjIL20caW9deVinly/IvG8cDAauk+AcdhFrNO8u4Aguu7wFmC+Y2aCqn3jXQxz6N:Iq2NneElL+8cqhF6guSVY2DyTaqj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e81cdf66bc1e3c76f370b681deb8f82_JaffaCakes118

Files

0e81cdf66bc1e3c76f370b681deb8f82_JaffaCakes118
.exe windows:4 windows x86 arch:x86

74ec1a6bcbfa91846f12fe1264b067ba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetExitCodeProcess
SystemTimeToFileTime
SetCurrentDirectoryA
FileTimeToSystemTime
GetWindowsDirectoryA
LoadLibraryA
GetLongPathNameW
CopyFileA
BeginUpdateResourceW
CreateMailslotA
CopyFileExA
DuplicateHandle
BeginUpdateResourceA
GetShortPathNameA
GetProcAddress
GetEnvironmentStringsW
FileTimeToLocalFileTime
ExpandEnvironmentStringsW
CompareFileTime
GetCurrentDirectoryW
GetVersionExA
GetSystemDirectoryA
GetFileTime
GetProcessHeap
GetSystemDefaultLangID
EnumCalendarInfoA
QueryPerformanceFrequency
GetPriorityClass
GetModuleFileNameA
CreateFileMappingW
GetUserDefaultLangID
GetLocaleInfoA
EnumDateFormatsA
RemoveDirectoryW
GetLogicalDrives
lstrcmpA
InitializeCriticalSection
FileTimeToDosDateTime
OpenProcess
IsBadReadPtr
SuspendThread
lstrcatW
FatalAppExitA
GetNumberFormatW
LocalFree
CompareStringW
GetFileAttributesW
IsValidLocale
FlushFileBuffers

user32

TrackPopupMenuEx
SetDlgItemTextA
IsCharUpperA
GetClassNameA
GetCaretPos
wsprintfW
MessageBeep
EnumClipboardFormats
MessageBoxW
CallWindowProcA
WaitMessage
GetClassLongA
DrawTextA
DestroyMenu
CheckRadioButton
SetMenu
SetForegroundWindow
DefWindowProcA
IsWindow
GetClassNameW
SetCursor
EndDialog
RegisterClassExW
GetSubMenu
GetMenuState
IsChild
IsDlgButtonChecked
CloseWindow
CreateAcceleratorTableA
InsertMenuA
GetClassInfoA
GetScrollPos
GetClassInfoExW
ReleaseDC
GetDC
LoadImageW
SendDlgItemMessageW
GetWindowTextLengthA

gdi32

StretchDIBits
CreateDCW
GetLogColorSpaceA
DescribePixelFormat
RectInRegion
PolyPolygon
SetBitmapDimensionEx
SetICMProfileA

advapi32

RegQueryValueA
RegDeleteValueW
RegOpenKeyExW

shlwapi

HashData
SHSetValueW
SHRegCloseUSKey
UrlCanonicalizeA
StrToIntA
StrCSpnA
PathFindExtensionA
SHQueryInfoKeyW
PathIsNetworkPathA
PathRenameExtensionA
UrlIsNoHistoryW
PathUnquoteSpacesW
UrlEscapeA
PathBuildRootA
SHCreateStreamOnFileA
PathRemoveExtensionA
StrFormatByteSizeA

setupapi

CM_Is_Dock_Station_Present
CM_Delete_Class_Key
SetupGetSourceInfoA
SetupDiGetHwProfileList
CM_Create_DevNode_ExA
SetupQueueRenameW

winmm

waveOutGetPitch
waveOutMessage
mciGetErrorStringA
mmioWrite
midiInStop
mid32Message
waveInPrepareHeader
PlaySound
midiOutSetVolume

winspool.drv

GetPrinterDriverDirectoryW
FreePrinterNotifyInfo
GetDefaultPrinterA
CloseSpoolFileHandle
EnumPrinterDataExW
AddFormA
StartPagePrinter
DeletePrinterConnectionA
SetJobA
DeletePrinterConnectionW

Sections

.Si
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ljCTn
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edcmz
Size: 2KB - Virtual size: 371KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bIyaE
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Q
Size: 4KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.S
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aO
Size: 2KB - Virtual size: 496KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

74ec1a6bcbfa91846f12fe1264b067ba

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

setupapi

winmm

winspool.drv

Sections

.Si Size: 5KB - Virtual size: 5KB

.ljCTn Size: 83KB - Virtual size: 82KB

.edcmz Size: 2KB - Virtual size: 371KB

.bIyaE Size: 13KB - Virtual size: 13KB

.Q Size: 4KB - Virtual size: 22KB

.S Size: 85KB - Virtual size: 85KB

.data Size: 17KB - Virtual size: 354KB

.aO Size: 2KB - Virtual size: 496KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 1024B - Virtual size: 1024B

.Si
Size: 5KB - Virtual size: 5KB

.ljCTn
Size: 83KB - Virtual size: 82KB

.edcmz
Size: 2KB - Virtual size: 371KB

.bIyaE
Size: 13KB - Virtual size: 13KB

.Q
Size: 4KB - Virtual size: 22KB

.S
Size: 85KB - Virtual size: 85KB

.data
Size: 17KB - Virtual size: 354KB

.aO
Size: 2KB - Virtual size: 496KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 1024B - Virtual size: 1024B