Static task
static1
Behavioral task
behavioral1
Sample
f0b2a59c13e9f2f458fc529f577dc8df_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
f0b2a59c13e9f2f458fc529f577dc8df_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
f0b2a59c13e9f2f458fc529f577dc8df_JaffaCakes118
Size
88KB
MD5
f0b2a59c13e9f2f458fc529f577dc8df
SHA1
10311ea30879cef1b74764804a328969cbecb81b
SHA256
7a0615f1881210bf7a591775fbcebf1b13a5ce2eaa83f0dc4b13ff41f0ba2fbe
SHA512
eed20eb9c2d3def6ab73d45d949828e5a36765ccf1cbe7146db6ec489466a6f9ae5042cb1053cafd303e3453362cd05fc1fe62304e94ed5ed9b8ba6a2037ac77
SSDEEP
768:DQrh3iiJU9DPMHoArjFOFQHyAIS44BKBgeLrkr3nsjmch/oFEub0c21ZTvY:DYyeUpoo+j/z8xnyUoFEtZTv
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f0b2a59c13e9f2f458fc529f577dc8df_JaffaCakes118
Files
f0b2a59c13e9f2f458fc529f577dc8df_JaffaCakes118.exe windows:4 windows x86 arch:x86
5e2d676f73c69ce152360273a18808e9
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WideCharToMultiByte
MultiByteToWideChar
DeleteFileA
GetProcAddress
WinExec
LoadLibraryA
FreeLibrary
FlushFileBuffers
GetStringTypeW
GetStringTypeA
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
GetFileType
GetWindowsDirectoryA
WriteFile
GetEnvironmentStringsW
GetFileSize
FreeEnvironmentStringsW
GetTempFileNameA
GetTempPathA
GetCurrentProcess
TerminateProcess
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
ExitProcess
GetVersion
GetStartupInfoA
GetModuleHandleA
RtlUnwind
HeapFree
HeapAlloc
GlobalAlloc
GlobalLock
GlobalUnlock
CloseHandle
SetFilePointer
GetLastError
LocalFree
ReadFile
GetCommandLineA
FreeEnvironmentStringsA
UnhandledExceptionFilter
FormatMessageA
CreateFileA
RaiseException
GetStdHandle
SetHandleCount
GetEnvironmentStrings
user32
LoadAcceleratorsA
ShowWindow
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
RegisterClassA
TrackPopupMenu
PostQuitMessage
DestroyWindow
DefWindowProcA
SetWindowLongA
LoadMenuA
SetMenu
CreateWindowExA
LoadIconA
GetClientRect
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
PostMessageA
GetWindowLongA
GetWindowRect
GetCursorPos
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
CheckMenuItem
GetMenu
GetSubMenu
EnableMenuItem
MessageBoxA
DialogBoxParamA
ChildWindowFromPoint
GetDlgItem
LoadCursorA
SetCursor
GetSysColorBrush
EndDialog
SetDlgItemTextA
SendMessageA
GetMessageA
UpdateWindow
gdi32
SetBkMode
DeleteObject
CreateFontIndirectA
SetTextColor
comdlg32
GetSaveFileNameA
GetOpenFileNameA
advapi32
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegEnumKeyExA
RegQueryValueExA
RegEnumValueA
shell32
ShellExecuteA
ole32
CoTaskMemFree
comctl32
ImageList_ReplaceIcon
ImageList_SetImageCount
ImageList_Create
CreateToolbarEx
ord6
InitCommonControlsEx
oleaut32
GetErrorInfo
Sections
.text Size: 40KB - Virtual size: 37KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ