c:\knevqz\osxnaemxot\oxe\vvdui
Static task
static1
Behavioral task
behavioral1
Sample
b98fa0baea6d714f0cc276e9642060cc_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
b98fa0baea6d714f0cc276e9642060cc_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
b98fa0baea6d714f0cc276e9642060cc_JaffaCakes118
Size
708KB
MD5
b98fa0baea6d714f0cc276e9642060cc
SHA1
c211eff56204380c72547804e6ef85aa7d3d9c85
SHA256
fdd8d68f014dc44f72b129f2fb22f8efef3cbcee7ef2b160eb7980c180b7ef1e
SHA512
746e809e40f810e18f99a76e9be2952a9571ca642aed093c23d20d0a1e51efc00ebc5e1f44677dca7bc26e601061213fcccf6462677bd144dbac786b0f8f7f7b
SSDEEP
12288:CtKqZrpOLVMHAQ5Yzifpfj8AIEpGrAVdFpzlcqcn3/gSvQw:a9ruVMHnwifpfj8ANTVdbhtcnISvb
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b98fa0baea6d714f0cc276e9642060cc_JaffaCakes118
Files
b98fa0baea6d714f0cc276e9642060cc_JaffaCakes118.exe windows:4 windows x86 arch:x86
0c55ff6d0a9f19e7a5f7c2806bddddfa
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
shell32
SHBrowseForFolder
kernel32
MultiByteToWideChar
FlushFileBuffers
ExitProcess
OpenMutexA
GetLocaleInfoA
GetEnvironmentStrings
GetTimeFormatA
SetFilePointer
VirtualFree
GetCurrentThreadId
GetCPInfo
GetFileType
GetCommandLineW
IsValidLocale
GetSystemInfo
FreeEnvironmentStringsA
GetCommandLineA
GetUserDefaultLCID
GetProcAddress
ReadFile
QueryPerformanceCounter
GetStartupInfoW
DeleteCriticalSection
GetCurrentProcess
GetLocaleInfoW
HeapFree
TerminateProcess
GetEnvironmentStringsW
GetStartupInfoA
GetVersionExA
RtlUnwind
GetPrivateProfileSectionA
SetEnvironmentVariableA
CompareStringW
GetModuleHandleA
HeapSize
LoadLibraryA
TlsAlloc
FreeEnvironmentStringsW
EnterCriticalSection
SetStdHandle
InterlockedExchange
TlsGetValue
IsValidCodePage
TlsFree
SetLastError
SetHandleCount
CreateMutexA
GetSystemTimeAsFileTime
CompareStringA
GetTimeZoneInformation
GetOEMCP
WriteFile
LeaveCriticalSection
VirtualAlloc
LCMapStringW
WideCharToMultiByte
GetStdHandle
GetCurrentThread
UnhandledExceptionFilter
CloseHandle
HeapCreate
GetModuleFileNameW
IsBadWritePtr
TlsSetValue
HeapDestroy
DeleteFiber
GetStringTypeA
GetCurrentProcessId
GetLastError
HeapAlloc
InitializeCriticalSection
VirtualQuery
HeapReAlloc
GetStringTypeW
LCMapStringA
GetDateFormatA
EnumSystemLocalesA
VirtualProtect
GetModuleFileNameA
GetACP
GetTickCount
user32
DdeGetLastError
GetMenuCheckMarkDimensions
DrawFrame
ShowWindow
RegisterClassA
DdeConnect
GetMonitorInfoA
ChangeClipboardChain
LoadCursorFromFileW
RegisterClassExA
MessageBoxA
GetWindowTextA
MonitorFromWindow
DdeSetQualityOfService
GetClipCursor
SetWindowsHookExA
KillTimer
CreateWindowExA
DrawEdge
MessageBoxExW
SetMenuDefaultItem
SetMenuInfo
LoadMenuW
OpenClipboard
comctl32
InitCommonControlsEx
ImageList_Replace
Sections
.text Size: 515KB - Virtual size: 514KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 13KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 98KB - Virtual size: 97KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 81KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ