0f70ec21027ad7bbcb46861cde32216f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0f70ec21027ad7bbcb46861cde32216f_JaffaCakes118
Size

167KB
MD5

0f70ec21027ad7bbcb46861cde32216f
SHA1

69512ffddf7230ec3d2bcfc9c02ef8b4fb6d10c4
SHA256

00793e7325854f44f54f80b285d52d525e40f96b3d71eb325163c6ef523e0eda
SHA512

f08f2b8a63f8482962698058663d2a21e71186f6ff213d5736949c5804a7f722970920dc9f70dc112a2c8611db00e172aca38455c64f213bc231814f8039e78c
SSDEEP

3072:JN6KBVsqIVJltZrpRZN3BrWi08Dy/oBjQ7KFTEAkT+:JNhsx1thpqi/DyARG3v+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f70ec21027ad7bbcb46861cde32216f_JaffaCakes118

Files

0f70ec21027ad7bbcb46861cde32216f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a8f56f7a066d3f098f94e88e51e35ef4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

notepad.pdb

Imports

kernel32

UnmapViewOfFile
MultiByteToWideChar
MapViewOfFile
CreateFileMappingW
GetFileInformationByHandle
GlobalUnlock
GlobalLock
GetTimeFormatW
GetDateFormatW
GetUserDefaultLCID
GetACP
LocalLock
GetTickCount
GetCurrentThreadId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleA
LoadLibraryA
DeleteFileW
SetEndOfFile
GetUserDefaultUILanguage
FormatMessageW
LocalReAlloc
WideCharToMultiByte
SetLastError
WriteFile
GetLastError
LocalSize
lstrcpynW
MulDiv
lstrcmpW
GetFileAttributesW
FindFirstFileW
FindClose
lstrcatW
GetCommandLineW
GetProcAddress
GetCurrentProcessId
lstrcmpiW
CreateFileW
ReadFile
lstrcpyW
CloseHandle
GetLocalTime
FoldStringW
CompareStringW
LocalUnlock
GlobalFree
lstrlenW
LocalAlloc
LocalFree
GetLocaleInfoW
QueryPerformanceCounter
GetStartupInfoA

comdlg32

ReplaceTextW
PrintDlgExW
FindTextW
ChooseFontW
GetOpenFileNameW
PageSetupDlgW
GetFileTitleW
GetSaveFileNameW
CommDlgExtendedError

shell32

DragFinish
DragQueryFileW
DragAcceptFiles
ShellAboutW

winspool.drv

GetPrinterDriverW
ClosePrinter
OpenPrinterW

comctl32

CreateStatusWindowW

msvcrt

_wtol
_except_handler3
iswctype
wcsncpy
localtime
wcsncmp
_c_exit
_exit
_XcptFilter
_cexit
exit
_acmdln
__getmainargs
_initterm
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
_snwprintf
time
__setusermatherr

advapi32

RegQueryValueExA
RegQueryValueExW
RegCloseKey
RegCreateKeyW
IsTextUnicode
RegOpenKeyExA
RegSetValueExW

gdi32

GetStockObject
EnumFontsW
GetTextFaceW
SelectObject
GetObjectW
GetDeviceCaps
DeleteObject
CreateDCW
GetTextExtentPoint32W
TextOutW
DeleteDC
EndDoc
AbortDoc
EndPage
StartPage
StartDocW
SetAbortProc
GetTextMetricsW
SetBkMode
LPtoDP
SetWindowExtEx
SetViewportExtEx
SetMapMode
CreateFontIndirectW

user32

PeekMessageW
CharLowerW
SetScrollPos
UpdateWindow
RegisterWindowMessageW
CreateWindowExW
SetWindowPlacement
LoadCursorW
LoadImageW
RegisterClassExW
GetSystemMenu
EnableWindow
LoadStringW
CharUpperW
GetWindowPlacement
IsIconic
GetForegroundWindow
PostQuitMessage
MessageBeep
DestroyWindow
DefWindowProcW
GetKeyboardLayout
SetActiveWindow
DrawTextExW
CreateDialogParamW
GetWindowTextW
LoadAcceleratorsW
DialogBoxParamW
GetDC
ReleaseDC
SetCursor
GetClientRect
ShowWindow
GetDesktopWindow
GetFocus
MoveWindow
InvalidateRect
WinHelpW
GetDlgCtrlID
ChildWindowFromPoint
ScreenToClient
GetCursorPos
SendDlgItemMessageW
SendMessageW
CharNextW
CheckMenuItem
CloseClipboard
IsClipboardFormatAvailable
OpenClipboard
GetMenuState
EnableMenuItem
GetSubMenu
GetMenu
MessageBoxW
SetWindowLongW
GetWindowLongW
GetDlgItem
SetFocus
SetDlgItemTextW
wsprintfW
GetDlgItemTextW
EndDialog
GetParent
UnhookWinEvent
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
IsDialogMessageW
PostMessageW
GetMessageW
SetWinEventHook
GetSystemMetrics
SetWindowTextW
LoadIconW

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a8f56f7a066d3f098f94e88e51e35ef4

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

comdlg32

shell32

winspool.drv

comctl32

msvcrt

advapi32

gdi32

user32

Sections

.text Size: 30KB - Virtual size: 29KB

.data Size: 2KB - Virtual size: 6KB

.rsrc Size: 34KB - Virtual size: 34KB

.jdata Size: 68KB - Virtual size: 68KB

.text
Size: 30KB - Virtual size: 29KB

.data
Size: 2KB - Virtual size: 6KB

.rsrc
Size: 34KB - Virtual size: 34KB

.jdata
Size: 68KB - Virtual size: 68KB