c00bde9ca1e6a42d4a548c003278f52c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c00bde9ca1e6a42d4a548c003278f52c_JaffaCakes118
Size

944KB
MD5

c00bde9ca1e6a42d4a548c003278f52c
SHA1

bba92366d24aca1d5c20ebcdd86e372a2cfc2bfe
SHA256

54f29ef0d63a1ccc939feb4ded6a00ca53e892f6e9c730241bd2f02a51e18bdf
SHA512

fec6efac40eabceb1305c52d28d713c1d78f77fc52ecf287404c26291679657f4bdc9b8c2dfe656b025cda733162016686ce89387caf7fb8986088b0d081b304
SSDEEP

24576:8R0g83Qc5vGkwpp7TUuSvLX6BJtvR6zut:2783Q6vS+stpgut

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c00bde9ca1e6a42d4a548c003278f52c_JaffaCakes118

Files

c00bde9ca1e6a42d4a548c003278f52c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c02f9fbb1d0248c6620f9d7ce365b77

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadTimes
RtlFillMemory
SetStdHandle
EndUpdateResourceA
SetFileApisToOEM
GetCPInfoExA
SetCurrentDirectoryW
DeleteVolumeMountPointA
SetFileAttributesW
ExpandEnvironmentStringsW
GetThreadSelectorEntry
GetDefaultCommConfigA
GetVersion
EnumDateFormatsA
GetPrivateProfileSectionA
WritePrivateProfileStringA
GetDiskFreeSpaceA
EnumResourceTypesW
GetCurrentProcessId
GetNamedPipeHandleStateA
RemoveDirectoryA
SetUnhandledExceptionFilter
CreateWaitableTimerA
GetDateFormatA
IsBadHugeWritePtr
WriteFile
FreeEnvironmentStringsA
GetVolumeNameForVolumeMountPointA
CreateFileW
_hwrite
UnmapViewOfFile
GetSystemWindowsDirectoryA
SetMailslotInfo
GlobalFindAtomA
GetShortPathNameA
EnumResourceLanguagesA
EnumTimeFormatsW
FindAtomA
ExitProcess
GlobalUnWire
MultiByteToWideChar
EscapeCommFunction
FindResourceExA
CreateJobObjectW
Process32NextW
CreateNamedPipeA
VerifyVersionInfoW
GetTimeFormatA
GetModuleHandleW
GetLocalTime

user32

SetKeyboardState
SetCursorPos
GetParent
wvsprintfW
DlgDirListW
UnregisterHotKey
MessageBeep
DrawTextW
PostMessageW
MapWindowPoints
VkKeyScanExA
GetDlgItem
RegisterWindowMessageW
ReleaseCapture
GetClassInfoExW
IsCharAlphaNumericA
FreeDDElParam
LoadAcceleratorsW
SetMessageQueue
WinHelpA
RegisterClipboardFormatW
SetMessageExtraInfo
SetDlgItemTextW
GetLastInputInfo
SwitchDesktop
GetGuiResources
SetWindowsHookA
GetDlgItemTextW
OpenIcon
EnumThreadWindows
DrawTextExW
SetForegroundWindow
PackDDElParam
OpenWindowStationA
OpenWindowStationW
EnumPropsExW
DefWindowProcA
SetClassLongW
TranslateMessage
FindWindowW
MapVirtualKeyW
ActivateKeyboardLayout
LoadCursorA
GetClassInfoExA
VkKeyScanW
UnionRect
WinHelpW
EnumDesktopsA
BeginPaint
WindowFromPoint
CreateMenu
DdeQueryStringW
FlashWindow
RegisterShellHookWindow
SetWindowContextHelpId
RegisterDeviceNotificationA
GetKeyNameTextW
SetMenuInfo
LockWindowUpdate
EnableMenuItem
SetMenuDefaultItem
EnableScrollBar
GetSysColorBrush
WINNLSEnableIME
CloseDesktop
GetWindowRgn
SystemParametersInfoW
MessageBoxIndirectA
ToUnicode
LoadKeyboardLayoutA
MapVirtualKeyExW
WaitMessage
DlgDirListA
DestroyIcon
IMPQueryIMEW
FindWindowA
GetWindowTextLengthA
SendDlgItemMessageA
UpdateLayeredWindow
DrawIconEx
GetMenuContextHelpId
ToAsciiEx
CharToOemW
DlgDirListComboBoxA
DdeAddData
CharUpperBuffW
GetSystemMetrics
DdeDisconnectList
CreateCaret
SendMessageW
GetKeyboardLayoutNameA
GetWindowLongW
GetPropW
DrawTextA
GetDlgCtrlID
CloseWindow
ExcludeUpdateRgn
TranslateAcceleratorW
ScrollDC
SetClipboardData
SetCaretPos
GetActiveWindow
GetSystemMenu
HideCaret
CheckMenuItem
GetKeyboardLayoutNameW
ScreenToClient
DestroyCursor
DestroyAcceleratorTable
DrawAnimatedRects
AllowSetForegroundWindow
MenuItemFromPoint
IMPSetIMEW
EnumPropsW
ReplyMessage
GetCapture
MoveWindow
UnpackDDElParam
DefMDIChildProcA
GetMessageTime
IMPGetIMEW
GetMenuItemID
IMPQueryIMEA
MapVirtualKeyA
GetWindowRect
DdeUnaccessData
MsgWaitForMultipleObjects
SetDoubleClickTime

shlwapi

PathAppendA

Sections

.text
Size: 295KB - Virtual size: 294KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 348KB - Virtual size: 595KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 285KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c02f9fbb1d0248c6620f9d7ce365b77

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

Sections

.text Size: 295KB - Virtual size: 294KB

.data Size: 348KB - Virtual size: 595KB

.bss Size: 5KB - Virtual size: 5KB

.rdata Size: 5KB - Virtual size: 4KB

.rsrc Size: 285KB - Virtual size: 284KB

.reloc Size: 4KB - Virtual size: 8KB

.text
Size: 295KB - Virtual size: 294KB

.data
Size: 348KB - Virtual size: 595KB

.bss
Size: 5KB - Virtual size: 5KB

.rdata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 285KB - Virtual size: 284KB

.reloc
Size: 4KB - Virtual size: 8KB