Static task: static1
Behavioral task: behavioral1
Sample: c0c0bb0f69b026267e1cdfea7a6b59e9_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: c0c0bb0f69b026267e1cdfea7a6b59e9_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: c0c0bb0f69b026267e1cdfea7a6b59e9_JaffaCakes118
Size: 5.8MB
MD5: c0c0bb0f69b026267e1cdfea7a6b59e9
SHA1: da129d1dd5e7a7005f78b62abe34bdd7e4ca3ace
SHA256: 9b1f7e11c1b157ef5f5f63de88095907300248c08e841fefde9b1f8016128fe4
SHA512: 4af19611c88d1e18461113ae3cfeeca50f5ed27af9caf814c1c1dd682b87760d7fee6bed8a57e5992d2de35bff4f05f8735eaa2d19b29d219555812ce3d9927e
SSDEEP: 49152:Ke1NHRSi1rIUF+PQsWupUhv81YUK+4jRYGALW:Ke1r1r3IIv8mUt4
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c0c0bb0f69b026267e1cdfea7a6b59e9_JaffaCakes118
Files
c0c0bb0f69b026267e1cdfea7a6b59e9_JaffaCakes118.exe windows:4 windows x86 arch:x86
1ef6cf1518920166054ea1aa6abdd66f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
ImageList_SetBkColor
ImageList_EndDrag
ImageList_SetOverlayImage
ImageList_BeginDrag
user32
TabbedTextOutW
GetAncestor
GetWindowTextA
LoadMenuIndirectW
CreateAcceleratorTableW
DefFrameProcW
CloseDesktop
SendMessageCallbackW
ShowCaret
DestroyCursor
TranslateMessage
GetSystemMenu
FillRect
GetMessageExtraInfo
SetClassLongA
RegisterWindowMessageW
UnregisterClassA
keybd_event
RegisterClassExW
SetWindowPos
CopyRect
oleaut32
SysStringLen
SafeArrayUnaccessData
SysFreeString
SafeArrayPutElement
VariantChangeType
kernel32
CompareStringA
LeaveCriticalSection
FreeResource
SetThreadPriorityBoost
SetHandleCount
ExitProcess
GetSystemTimeAdjustment
DeleteFiber
SetMailslotInfo
GetThreadPriority
SetVolumeLabelA
GetUserDefaultLangID
GetProfileStringA
GetCommandLineW
SetEnvironmentVariableA
GetModuleHandleA
DebugBreak
ScrollConsoleScreenBufferA
PurgeComm
GlobalAddAtomW
GetCPInfo
AllocConsole
DeleteCriticalSection
WritePrivateProfileStructA
IsDBCSLeadByteEx
GetSystemDefaultLangID
FindFirstFileW
CloseHandle
LocalFileTimeToFileTime
GetCommModemStatus
ConnectNamedPipe
OutputDebugStringW
LocalAlloc
GlobalGetAtomNameW
OpenMutexA
FlushConsoleInputBuffer
WriteProcessMemory
SetThreadLocale
SetCommTimeouts
CreateMutexA
SetEnvironmentVariableW
SetTimeZoneInformation
SetConsoleCursorPosition
WritePrivateProfileSectionA
GlobalFindAtomA
GetEnvironmentVariableW
CreateFileW
FillConsoleOutputCharacterA
ReadConsoleOutputA
GetStringTypeExW
GetFileInformationByHandle
LoadLibraryExW
GetDateFormatA
GetProfileIntA
SetConsoleOutputCP
FreeLibraryAndExitThread
EnumSystemCodePagesW
SuspendThread
ws2_32
WSAGetServiceClassNameByClassIdW
WSASetLastError
WSAAsyncGetProtoByNumber
WSALookupServiceEnd
WSASendDisconnect
WSAAddressToStringW
accept
recv
advapi32
GetNamedSecurityInfoW
CryptSignHashW
RegRestoreKeyW
OpenServiceA
RegQueryValueExA
CryptDestroyHash
GetSecurityInfo
CryptImportKey
RegSetValueExA
CryptGetKeyParam
CryptHashData
CloseEventLog
IsTextUnicode
MakeSelfRelativeSD
RegisterServiceCtrlHandlerW
SetSecurityDescriptorSacl
ClearEventLogW
RegConnectRegistryA
RegOpenKeyA
DestroyPrivateObjectSecurity
StartServiceA
Sections
.text Size: 19KB - Virtual size: 271KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5.5MB - Virtual size: 5.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ