0ed6b279943459dbd8f7009a41e9350a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0ed6b279943459dbd8f7009a41e9350a_JaffaCakes118
Size

116KB
MD5

0ed6b279943459dbd8f7009a41e9350a
SHA1

4d2f6386168de9d32c9f0b6c53bd8a08343252d0
SHA256

3c5dff85cda1a0421673ad1ce536be0554b4d328ba8b5450beb079a9e68aa7cb
SHA512

9e3c97576594f1eaeac08523c4a0932d3be870b06ce40387a6efba8ff2cb6e6a2312c5cfc2d60100b7228973e14a1acdd098df9f6fd9e170b7735549f1109600
SSDEEP

1536:BwfTO9rDJ2iJZwAcLTl1Iht5CYGlvfe/WMx5iak8j0KSlRclFEnQMm3tiDXA/:BwfTyrDXOX8k3UWMDd0KSlGiQMutKQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ed6b279943459dbd8f7009a41e9350a_JaffaCakes118

Files

0ed6b279943459dbd8f7009a41e9350a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0d1c145771648834487ae6ae757f94f2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCreateKeyA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey

kernel32

GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetVersion
GetVersionExA
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
LCMapStringA
LCMapStringW
LoadLibraryA
MultiByteToWideChar
RtlUnwind
SetFilePointer
SetHandleCount
SetStdHandle
SetUnhandledExceptionFilter
TerminateProcess
TerminateThread
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpA
lstrcmpiA
lstrcpyA
lstrlenA
CloseHandle
CreateEventA
CreateFileA
CreateThread
DeviceIoControl
GetProcAddress
GetOEMCP
GetModuleHandleA
GetModuleFileNameA
GetLastError
GetFileType
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStringsA
GetCurrentProcess
GetCommandLineA
GetCPInfo
GetACP
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FlushFileBuffers
ExitProcess

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList

gdi32

TextOutA
SetTextColor
SetTextAlign
SetBkMode
SetBkColor
SelectObject
PolyBezier
MoveToEx
LineTo
GetStockObject
GetPixel
GetObjectA
ExtCreatePen
DeleteObject
DeleteDC
CreateSolidBrush
CreateFontIndirectA
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
BitBlt

shell32

Shell_NotifyIconA
ShellExecuteA

user32

BeginPaint
CheckMenuItem
CreateWindowExA
DefWindowProcA
DialogBoxParamA
DispatchMessageA
DrawTextA
EndDialog
EndPaint
FillRect
GetClientRect
GetDC
GetDlgItem
GetFocus
GetForegroundWindow
GetMenu
GetMessageA
GetParent
GetSystemMetrics
GetWindowLongA
GetWindowRect
InvalidateRect
IsIconic
IsWindowVisible
KillTimer
LoadAcceleratorsA
LoadBitmapA
LoadCursorA
LoadIconA
LoadStringA
MessageBoxA
MoveWindow
PostMessageA
PostQuitMessage
PtInRect
RedrawWindow
RegisterClassA
RegisterClassExA
ReleaseCapture
ReleaseDC
ScreenToClient
SendMessageA
SetCapture
SetFocus
SetForegroundWindow
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
TranslateAcceleratorA
TranslateMessage
UnregisterClassA
UpdateWindow
wsprintfA

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d1c145771648834487ae6ae757f94f2

Headers

File Characteristics

Imports

advapi32

kernel32

setupapi

gdi32

shell32

user32

Sections

.text Size: 76KB - Virtual size: 75KB

.data Size: 28KB - Virtual size: 27KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 76KB - Virtual size: 75KB

.data
Size: 28KB - Virtual size: 27KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 3KB