0f0aa86095831a9912041fb9650cb423_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0f0aa86095831a9912041fb9650cb423_JaffaCakes118
Size

645KB
MD5

0f0aa86095831a9912041fb9650cb423
SHA1

2e5a67047468618b54852c26df33a7d2bc86a7a7
SHA256

1e4bf68339c02a1ba942e0c506b0f5267c1fe548e208305160727f41a404d230
SHA512

f8c52a6065f7a9ad5d812cad18db88aa985afc3024c41f00522b8b86b77ece51db0cb73edc211b1a52e92cfbbd83deb9d28399fc4413caab9e82e565aa4488d9
SSDEEP

12288:NZwhZQvELXslybrZ2EbKi64i/z4Kso9TIOlptopX6oeW:P8QcssblkRbLsqTIOnCpXreW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f0aa86095831a9912041fb9650cb423_JaffaCakes118

Files

0f0aa86095831a9912041fb9650cb423_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d7bc7d151ff256988c3151691beeffbe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassExA
DefMDIChildProcW
GetWindowTextLengthW
ShowCursor
ToUnicodeEx
DrawFrame
EnumDesktopWindows
CharNextW
EndDeferWindowPos
LoadIconA
LoadBitmapA
RegisterClassA
CopyRect
DefWindowProcW
DialogBoxParamA
LoadBitmapW
RedrawWindow

advapi32

LookupPrivilegeNameW
LogonUserA
RegCreateKeyA
StartServiceW
CryptImportKey
CryptSetKeyParam
RegOpenKeyW
LookupAccountSidW

gdi32

SetColorAdjustment
CreateFontIndirectA
Ellipse
SetFontEnumeration
AddFontResourceW
SaveDC
SetAbortProc
CreateMetaFileA
EnumFontsW
StrokePath
PolyPolyline
AbortPath
GetMetaFileBitsEx
GetTextCharsetInfo
SetLayout
CreateDIBSection
TextOutA
GetTextExtentPointA
GdiSetBatchLimit
PlayMetaFile
Rectangle
GetPolyFillMode
CloseEnhMetaFile
SwapBuffers

comctl32

InitCommonControlsEx

comdlg32

PrintDlgW
GetFileTitleW

kernel32

SetLastError
GetCurrentProcess
RtlUnwind
OutputDebugStringA
GetStdHandle
HeapCreate
GetCommandLineA
GetCurrentThreadId
GetCommandLineW
GetTimeZoneInformation
GetStringTypeA
GlobalUnfix
SetConsoleTitleW
SetFilePointer
DeleteCriticalSection
LCMapStringW
EnumCalendarInfoA
EnterCriticalSection
TlsGetValue
GetStartupInfoW
LeaveCriticalSection
FlushFileBuffers
GetModuleFileNameA
WideCharToMultiByte
IsValidLocale
TlsAlloc
GetSystemTime
HeapFree
GetModuleHandleA
AllocConsole
GetModuleFileNameW
EnumTimeFormatsW
OpenMutexA
GetLastError
MultiByteToWideChar
GetCalendarInfoW
SetHandleCount
InterlockedDecrement
CreateSemaphoreA
GetFileType
CreateDirectoryA
GetEnvironmentStringsW
ReadFile
UnhandledExceptionFilter
VirtualAlloc
InterlockedExchange
LoadLibraryA
HeapDestroy
VirtualQuery
TlsFree
TerminateThread
GetTickCount
GetSystemTimeAsFileTime
IsDebuggerPresent
SetStdHandle
GetLocaleInfoW
GetPrivateProfileStructW
CompareStringW
QueryPerformanceCounter
GetStartupInfoA
GetProcAddress
CreateMutexA
TlsSetValue
WriteFile
GetCPInfo
InterlockedExchangeAdd
InterlockedIncrement
CloseHandle
VirtualFree
IsBadWritePtr
GlobalGetAtomNameW
FreeEnvironmentStringsA
SetEnvironmentVariableA
DeleteFileA
TerminateProcess
GetEnvironmentStrings
WriteProfileStringA
LCMapStringA
GetVersion
HeapAlloc
HeapReAlloc
GetEnvironmentVariableW
GetStringTypeW
GetCurrentProcessId
GlobalAlloc
GetLocalTime
FreeEnvironmentStringsW
UnmapViewOfFile
ExitProcess
CompareStringA
InitializeCriticalSection
GetCurrentThread

Sections

.text
Size: 491KB - Virtual size: 491KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7bc7d151ff256988c3151691beeffbe

Headers

File Characteristics

Imports

user32

advapi32

gdi32

comctl32

comdlg32

kernel32

Sections

.text Size: 491KB - Virtual size: 491KB

.rdata Size: 28KB - Virtual size: 43KB

.data Size: 109KB - Virtual size: 108KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 491KB - Virtual size: 491KB

.rdata
Size: 28KB - Virtual size: 43KB

.data
Size: 109KB - Virtual size: 108KB

.rsrc
Size: 15KB - Virtual size: 15KB