0f22ec22a5c26a3ef04c124eaba92fa2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0f22ec22a5c26a3ef04c124eaba92fa2_JaffaCakes118
Size

72KB
MD5

0f22ec22a5c26a3ef04c124eaba92fa2
SHA1

1eb9a9604c4974b6d9e2fd8696c44d27ce751c02
SHA256

04f6f17feeb35c7e7d00f32dec7a9a07031f36a0af1c5741bd4b28756ee22cc2
SHA512

d6872f944d71f6cae8a8ad0f87926a60714047c4ddd7bf33b62f468da25b5cdf3a640a3d3be47df36a774034c07c7aace75cc9ae59249809caf0f722137459e0
SSDEEP

768:cwiQ7ZXiOSK5q6WfM+9/U/2o40innKhC59IcrfmWXOlab+XZBK06mUdgaP:craZXLIh9/U/8nnKhC1SWeqQyoUdd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f22ec22a5c26a3ef04c124eaba92fa2_JaffaCakes118

Files

0f22ec22a5c26a3ef04c124eaba92fa2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6abb754c13d6f50c6bf1f294cfbb163d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
GetModuleFileNameA
GetShortPathNameA
GetVersionExA
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
GetTimeZoneInformation
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetSystemDirectoryA
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetProcAddress
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
GetOEMCP
GetACP
GetCPInfo
VirtualAlloc
VirtualFree
HeapCreate
LocalAlloc
GetCurrentDirectoryA
SetCurrentDirectoryA
LocalFree
FreeLibrary
GetEnvironmentStringsW
LoadLibraryA
GetExitCodeProcess
CreateProcessA
lstrcatA
lstrlenA
WinExec
CloseHandle
GetLastError
SetFilePointer
WriteFile
ReadFile
HeapDestroy
GetEnvironmentVariableA
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
FileTimeToLocalFileTime
CreateFileA
UnhandledExceptionFilter
SetFileAttributesA
GetFileAttributesA
ExitProcess
TerminateProcess
GetCurrentProcess
HeapCompact
HeapAlloc
HeapReAlloc
HeapFree
RemoveDirectoryA
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
FileTimeToSystemTime
SetEnvironmentVariableA

user32

SendMessageA
GetWindow
GetSystemMetrics
CreateWindowExA
LoadIconA
LoadCursorA
RegisterClassA
CreateDialogParamA
GetDlgItem
DestroyWindow
PostQuitMessage
DefWindowProcA
DialogBoxParamA
EndDialog
SetDlgItemTextA
TranslateMessage
DispatchMessageA
GetMessageA
IsDialogMessageA
SetWindowLongA
SetWindowTextA
MessageBoxA
wsprintfA
PeekMessageA

gdi32

DeleteObject
RemoveFontResourceA
GetObjectA
CreateFontIndirectA
GetStockObject

advapi32

RegQueryValueExA
RegQueryValueA
RegEnumKeyExA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyA
RegSetValueExA
RegOpenKeyExA
RegCloseKey

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteA

ole32

OleUninitialize
OleInitialize

comctl32

ord17

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6abb754c13d6f50c6bf1f294cfbb163d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

Sections

.text Size: 36KB - Virtual size: 32KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 11KB

.rsrc Size: 12KB - Virtual size: 52KB

.text
Size: 36KB - Virtual size: 32KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 12KB - Virtual size: 52KB