002c30bd51e7213770b207039af7e502_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

002c30bd51e7213770b207039af7e502_JaffaCakes118
Size

113KB
MD5

002c30bd51e7213770b207039af7e502
SHA1

8d2a2f5386d724bc7ec9c8ea36774a4389c037bb
SHA256

e4f9ffbc535c86a1e0a5eb852b2b2cd23242d9598eed4d09294a163afa52e0ab
SHA512

d1ae65c35e4a1d7d2cb4105dc19c6e1833b3d9fdd5ad62be09f15d0ba03c2989c1697dfd2247193a215eacac1f60ef0083389d7e3f40447a17208e7337c05b6a
SSDEEP

3072:n8nsKIshdlVOyQLlIC1yPUoJFi8NnXYz9W07jmgM3H6:IsKIqd6yQLRGUoJA8pO9W0eH3H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
002c30bd51e7213770b207039af7e502_JaffaCakes118

Files

002c30bd51e7213770b207039af7e502_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d8ba1477cf6b5a323036d5ed7e2b3ae7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

CreateStdAccessibleObject

crypt32

CryptQueryObject
CertFreeCertificateContext
CertGetNameStringW
CertFindCertificateInStore
CryptDecodeObject
CryptMsgGetParam
CryptMsgClose
CertEnumSystemStoreLocation
CertCloseStore

kernel32

GetVersionExA
UnhandledExceptionFilter
GetTickCount
ExitProcess
CancelWaitableTimer
GetEnvironmentStrings
ReadFile
RaiseException
IsValidCodePage
GetProcessHeap
GetCurrentProcess
HeapDestroy
TlsSetValue
LoadLibraryW
GetCPInfo
GetOEMCP
GetProcessVersion
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsFree
RtlUnwind
ExitProcess
HeapFree
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
HeapAlloc
GetCurrentThreadId
IsDebuggerPresent
HeapCreate
GetFileAttributesW
GetCommandLineA
GetModuleHandleA
TerminateProcess
GetModuleFileNameA
GetACP
VirtualFree
SetLastError
GetStartupInfoA
QueryPerformanceCounter
GetFileType
InterlockedIncrement
GetStdHandle
GetEnvironmentStringsW
SetHandleCount
FreeEnvironmentStringsW
WideCharToMultiByte

ole32

CoUninitialize
CoCreateInstance
CoInitialize

shell32

SHBrowseForFolderW
ShellExecuteW
SHGetSpecialFolderPathW
SHGetPathFromIDListW

user32

ReleaseDC
SetDlgItemTextW
SetWindowLongW
MessageBoxW
GetDlgItem
LoadIconW
EndPaint
GetWindowLongW
SendMessageW
SetWindowPos
BeginPaint
LoadBitmapW
DestroyWindow
LoadStringW
GetParent
GetWindowDC
PostMessageW
DefWindowProcW

gdi32

SetBkColor
GetObjectW
CreateFontIndirectW
GetDeviceCaps
CreateSolidBrush
DeleteObject
SetBkMode

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8ba1477cf6b5a323036d5ed7e2b3ae7

Headers

File Characteristics

Imports

oleacc

crypt32

kernel32

ole32

shell32

user32

gdi32

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 28KB - Virtual size: 28KB

.rsrc Size: 1024B - Virtual size: 344KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 28KB - Virtual size: 28KB

.rsrc
Size: 1024B - Virtual size: 344KB