c0a7fd13a0500db30e7e2d76bac36303_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c0a7fd13a0500db30e7e2d76bac36303_JaffaCakes118
Size

329KB
MD5

c0a7fd13a0500db30e7e2d76bac36303
SHA1

450cf30a68448af22dc06141d1f0a551fb158e36
SHA256

d13e5524873e11a7c25a87519fc784098fff3ea62e154937bd56330e6cbecc83
SHA512

e6d5b230e89c5dcbf14be1fac724bc1c4453b66d3ed60fb076662bb6d3a882a5d03d56a35fd6be80c0a9858edd4f528ef41c360e55ea47bb8df32d91eb4906ff
SSDEEP

6144:wr5+408GfD8gXghSUMbk/IRh0xkgPaOERHVzLbGEJ6zVBAo:w+tfD8RMg/+0xkgP1ERV3bNJKPAo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0a7fd13a0500db30e7e2d76bac36303_JaffaCakes118

Files

c0a7fd13a0500db30e7e2d76bac36303_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c59403dca0618de83e245fe56ca14c1b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\jautb\bsou\vkoq\gn

Imports

shell32

SHGetInstanceExplorer

comctl32

InitCommonControlsEx

user32

GetMessageA
EnumDisplayDevicesA
RegisterClassExA
RegisterClassA
CharLowerA
SetDoubleClickTime
DdeSetUserHandle
CallNextHookEx
DdeKeepStringHandle
IsDlgButtonChecked
DefMDIChildProcW
GetClipboardFormatNameW
SetMenuContextHelpId
DialogBoxParamA
CharPrevExA
SetWindowLongW
RemovePropA
MessageBoxExW
GetKeyboardLayout
IsClipboardFormatAvailable
SendNotifyMessageA

kernel32

GetModuleFileNameA
SetConsoleCursorInfo
GetStdHandle
VirtualFree
GetLocalTime
GetUserDefaultLCID
FreeLibrary
TlsFree
CompareFileTime
GetCommandLineA
CreateFileA
GetCurrentProcess
GetTickCount
GetDateFormatA
WriteConsoleA
LeaveCriticalSection
GetProcessHeap
FindResourceA
GetOEMCP
MultiByteToWideChar
FindNextChangeNotification
SetThreadIdealProcessor
HeapCreate
GetLocaleInfoA
CommConfigDialogA
FreeEnvironmentStringsA
SetUnhandledExceptionFilter
GetWindowsDirectoryW
GetEnvironmentStrings
SetFilePointer
FlushFileBuffers
GetStartupInfoA
Sleep
HeapReAlloc
TlsSetValue
LCMapStringW
FindClose
GetConsoleCP
GetStringTypeA
GetConsoleMode
EnumSystemLocalesA
CreateDirectoryExW
CloseHandle
IsDebuggerPresent
VirtualQuery
OpenEventW
EnumResourceLanguagesA
GetConsoleOutputCP
GetCurrentProcessId
QueryPerformanceCounter
VirtualAlloc
CompareStringA
LCMapStringA
EnterCriticalSection
GetModuleFileNameW
ExitProcess
GetModuleHandleA
CompareStringW
GetPrivateProfileIntW
WriteFile
TerminateProcess
TlsGetValue
FreeEnvironmentStringsW
WriteConsoleW
GetCurrentThread
TlsAlloc
GetTimeFormatA
GetEnvironmentStringsW
HeapDestroy
DeleteCriticalSection
InterlockedExchange
GetStringTypeW
GetProcAddress
SetConsoleCtrlHandler
GetACP
GetCPInfo
CreateMutexA
SetHandleCount
HeapAlloc
HeapSize
GetThreadTimes
GetLocaleInfoW
GetSystemTimeAsFileTime
GetStartupInfoW
UnhandledExceptionFilter
EnumSystemLocalesW
GetCommandLineW
IsValidCodePage
GetTimeZoneInformation
lstrlenA
InitializeCriticalSection
LoadLibraryA
InterlockedIncrement
IsValidLocale
InterlockedDecrement
lstrcpy
OpenMutexA
CreateWaitableTimerW
GetFileType
SetStdHandle
GetVersionExA
MoveFileW
SetEnvironmentVariableA
ReadFile
SetLastError
HeapFree
WideCharToMultiByte
RtlUnwind
GetCurrentThreadId
GetLastError
CreateNamedPipeW

comdlg32

LoadAlterBitmap
GetSaveFileNameW
FindTextW
ChooseFontW

gdi32

GetPolyFillMode
CreateDiscardableBitmap
SetGraphicsMode
GetCurrentPositionEx
SetMetaFileBitsEx
GetBkColor
GetWinMetaFileBits
SetBoundsRect
SetROP2
SetWorldTransform
SaveDC
RoundRect
ExcludeClipRect
AnimatePalette
GetCharacterPlacementW
PlayMetaFile

advapi32

LookupAccountNameW
RegSetValueA
RegEnumValueW
CryptSetProviderW
CryptGetDefaultProviderW
RegDeleteValueA
CryptEnumProviderTypesW
CryptDecrypt
RegCreateKeyExW
GetUserNameA
RegReplaceKeyW
RegDeleteKeyA
RegCreateKeyA
CryptContextAddRef

Sections

.text
Size: 194KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c59403dca0618de83e245fe56ca14c1b

Headers

File Characteristics

PDB Paths

Imports

shell32

comctl32

user32

kernel32

comdlg32

gdi32

advapi32

Sections

.text Size: 194KB - Virtual size: 193KB

.rdata Size: 29KB - Virtual size: 59KB

.data Size: 91KB - Virtual size: 90KB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 194KB - Virtual size: 193KB

.rdata
Size: 29KB - Virtual size: 59KB

.data
Size: 91KB - Virtual size: 90KB

.rsrc
Size: 14KB - Virtual size: 14KB