0f3f54e73d1fc03a9412cbaee086f18e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0f3f54e73d1fc03a9412cbaee086f18e_JaffaCakes118
Size

211KB
MD5

0f3f54e73d1fc03a9412cbaee086f18e
SHA1

c6373949e5ef2ac5eaab092b49d6335fdfc0e56a
SHA256

518ab52005bb998e29a05e1b895fc2d0681b9c789c7eb7866a50aca7151cc5b9
SHA512

532b5eb9d167519ac465f28cb3cb6ccfcfa6a24cc86b427efb87495b1a4a9e3218102fc09605c06431ddf21fcffcb0ab994c2a981fc46475e59dc0a6bea16e7b
SSDEEP

3072:r5aemZ60PAhz49HJnJf3sfhu6nfENNiuMrwSOdMvFmFHw0o+7pdJte/XhTHyVbq:r5oIz4j13UhNfENNdBTFHLte/dHyVbq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f3f54e73d1fc03a9412cbaee086f18e_JaffaCakes118

Files

0f3f54e73d1fc03a9412cbaee086f18e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

beabe60f5f2d1e18496c1e9f1819c33e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

InterlockedDecrement
ReadFile
SystemTimeToFileTime
GetCalendarInfoW
MoveFileW
ConvertDefaultLocale
GetCurrentProcessId
CreateFileW
GetLocaleInfoW
GetFileAttributesW
FindNextFileW
SetFilePointer
GetVersion
MultiByteToWideChar
EnumResourceNamesA
EnumResourceLanguagesW
lstrcpyW
GetSystemDefaultLangID
LocalFileTimeToFileTime
GetModuleFileNameW
RemoveDirectoryW
ExitProcess
DeleteFileW
LoadLibraryW
FindFirstFileW
FindClose
SetFileTime
GetCurrentDirectoryW
WriteFile
WideCharToMultiByte
CreateDirectoryW
GetProcAddress

advapi32

RegCloseKey
RegOpenKeyW
RegEnumKeyExW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyExW
RegEnumKeyW
RegQueryInfoKeyW
RegDeleteKeyW
RegSetValueExW
RegQueryValueExW

ole32

CreateILockBytesOnHGlobal
OleInitialize
CoRevokeClassObject
StgOpenStorageOnILockBytes
CoGetClassObject
CoRetireServer
CoTaskMemAlloc
OleIsCurrentClipboard
CoInitialize
CoRegisterMessageFilter
CLSIDFromProgID
CoFreeUnusedLibraries
OleUninitialize
CoUninitialize
CoTaskMemFree
OleFlushClipboard
StgCreateDocfileOnILockBytes
CoCreateInstance
CLSIDFromString

user32

RemovePropW
RegisterWindowMessageW
SetPropW
CreateWindowExW
SetRect
InvalidateRgn
IsRectEmpty
InvalidateRect
GetPropW
GetClassLongW
SendDlgItemMessageA
GetClassInfoExW
CopyAcceleratorTableW
CharNextW
GetNextDlgGroupItem
CharUpperW
WinHelpW
MessageBeep
GetNextDlgTabItem
DestroyMenu

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

gdi32

ScaleWindowExtEx
GetTextColor
Escape
GetMapMode
ScaleViewportExtEx
RectVisible
SelectObject
ExtTextOutW
ExtSelectClipRgn
GetBkColor
SetWindowExtEx
PtVisible
GetDeviceCaps
SetViewportOrgEx
GetStockObject
TextOutW
DeleteDC
OffsetViewportOrgEx
GetRgnBox

shlwapi

PathFileExistsW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
PathFindExtensionW
PathAppendW

Sections

.text
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

beabe60f5f2d1e18496c1e9f1819c33e

Headers

File Characteristics

Imports

oleacc

kernel32

advapi32

ole32

user32

shell32

gdi32

shlwapi

Sections

.text Size: 113KB - Virtual size: 113KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 92KB - Virtual size: 92KB

.edata Size: 1024B - Virtual size: 84KB

.text
Size: 113KB - Virtual size: 113KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 92KB - Virtual size: 92KB

.edata
Size: 1024B - Virtual size: 84KB