0f5ed94f8cdbb63377b4dbb321df97c7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0f5ed94f8cdbb63377b4dbb321df97c7_JaffaCakes118
Size

71KB
MD5

0f5ed94f8cdbb63377b4dbb321df97c7
SHA1

0c790ec729ec5a095516184656cc72fdd30e17f5
SHA256

b877076894afc6dc7daa568310e8dd727735b4369c6e6fa89e583f3bc9400546
SHA512

30f351973dd5bbb37bc69a92086a80a863204e608cfe7b466c5af0a945b6156785745dab9040b66e1d7f1e593a0688bef2d4cac6f194ae04ef046af490a9b7ca
SSDEEP

1536:MV1WIWNcwe6jAbZWq8iWaOSmcL/aZUpEHFCbczSrEePY4iJGm:MV1Wp9eU04qdPzaHouSoiYbGm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f5ed94f8cdbb63377b4dbb321df97c7_JaffaCakes118

Files

0f5ed94f8cdbb63377b4dbb321df97c7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0b73efc2db21fb5213ae8e29b6caa03d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetFocus
IsRectEmpty
SetForegroundWindow
GetWindowInfo
GetWindowDC

msvcrt

difftime
_ismbcprint
_mbsnbset

shlwapi

PathIsRelativeW
PathIsNetworkPathA
StrCmpLogicalW

oleaut32

VariantCopyInd
VariantClear
SysAllocStringLen
SysStringLen

kernel32

RaiseException
lstrlenW
GetTimeFormatW
UnhandledExceptionFilter
SetLastError
GetWindowsDirectoryW
ExpandEnvironmentStringsW
GetCurrentProcessId
FindClose
WideCharToMultiByte
CreateFileW
FreeLibrary
Sleep
SetConsoleMenuClose
lstrcmpiW
FindNextFileW
GetProcessHeap
GetStartupInfoA
InterlockedExchange
GetTempPathW
FormatMessageA
MultiByteToWideChar
SetCurrentDirectoryW
FindFirstFileW
SetFilePointer
ExitThread
GetProcAddress
GetDiskFreeSpaceExW
GetCurrentDirectoryW
GetFileAttributesW
HeapAlloc
WriteFile
CopyFileW
InterlockedDecrement
HeapFree
QueryPerformanceCounter
CreateProcessW
OpenEventW
LocalFree
FormatMessageW
GetCurrentThreadId
GetModuleFileNameW
QueryDosDeviceW
GetSystemTimeAsFileTime
WaitForSingleObject
TerminateProcess
GetPrivateProfileSectionW
LocalAlloc
GlobalFree
GetModuleHandleA
GetPrivateProfileStringW
CreateDirectoryW
GetCommandLineW
lstrcmpW
GetDriveTypeW
GetLogicalDriveStringsW
GetVersionExA
LoadLibraryA
GetSystemDirectoryW
GetVolumeInformationW
OpenMutexW
SetUnhandledExceptionFilter
DeleteFileW
GetCurrentProcess
LocalReAlloc
GetLastError
ReleaseMutex
CloseHandle
lstrlenA
GetDateFormatW
GetPrivateProfileIntW
GetTickCount
ReadFile
GlobalAlloc
CreateMutexW
LoadLibraryW
IsValidLocale
GetLogicalDrives
GetFullPathNameW
InterlockedIncrement
DeviceIoControl
GetExitCodeProcess

comctl32

PropertySheetA

shell32

SHBrowseForFolderA
ShellExecuteA
SHGetPathFromIDListA

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itext
Size: 56KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b73efc2db21fb5213ae8e29b6caa03d

Headers

DLL Characteristics

File Characteristics

Imports

user32

msvcrt

shlwapi

oleaut32

kernel32

comctl32

shell32

Sections

.text Size: 5KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 9KB

.rsrc Size: 1KB - Virtual size: 1KB

.itext Size: 56KB - Virtual size: 67KB

.text
Size: 5KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 9KB

.rsrc
Size: 1KB - Virtual size: 1KB

.itext
Size: 56KB - Virtual size: 67KB