0098a6f7ff6d4fec1dd68c5490a832c6_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0098a6f7ff6d4fec1dd68c5490a832c6_JaffaCakes118
Size

363KB
MD5

0098a6f7ff6d4fec1dd68c5490a832c6
SHA1

df77f212a2015b9bf7f731731bf97c2a3e9ff325
SHA256

31ddf76a482627ed6a16f2032e997ddc79621dd58de747ca2a1f5f730b8a1668
SHA512

ce80d0baf8270b0ef5e68c85e36881c82475a7756590b7e8191f3890480508b4d7374eee9a950b4b7dbd653fd56e959ea50bcaf0eb98b66a2ded97469df8fcb1
SSDEEP

6144:0e2N0dOCGzogTKULqOxmdK4ylktToPHVuIQHQeq2zhF9vCzsXZokGE:0e2N0drW3THLHmI4gkG9u5HTZZL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0098a6f7ff6d4fec1dd68c5490a832c6_JaffaCakes118

Files

0098a6f7ff6d4fec1dd68c5490a832c6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

625710d4987aa95d6de6042bcd7dca83

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

4xv1jrmfm.pdb

Imports

rpcrt4

UuidFromStringW
RpcStringFreeW

user32

GetDC
GetDlgItem
ReleaseDC
GetWindowTextW
DialogBoxParamA
DefWindowProcW
GetActiveWindow
InvalidateRect
SendMessageA
RegisterClassA
GetParent
CreateMenu
WinHelpA
SetForegroundWindow
CreateWindowExW
GetSysColorBrush
GetDlgItemTextW
SetWindowTextW
AppendMenuA
GetWindowLongA
ShowWindow
LoadStringW
UpdateWindow
MessageBoxW
GetClientRect
CreateWindowExA
EndPaint
IsWindow
GetWindowRect
GetSysColor
CharUpperA
DestroyMenu
GetDlgItemTextA
BeginPaint
TranslateMessage

olepro32

OleTranslateColor
OleLoadPicture

msvcrt

_wcsicmp
free
strlen
__set_app_type
memset
wcscmp
_initterm
__p__commode
realloc
__CxxFrameHandler
_adjust_fdiv
strncpy
__p__fmode
malloc
__setusermatherr
wcschr
wcslen
_except_handler3
_CxxThrowException
_controlfp
_cexit
wcscat
__initenv
exit
wcsncmp
wcscpy
__getmainargs
_acmdln
_XcptFilter

shlwapi

PathAppendW

kernel32

GetStartupInfoA
MultiByteToWideChar
VirtualAlloc
LocalAlloc
HeapFree
LocalReAlloc
lstrlenW
VirtualProtect
MulDiv
GetVersion
GetCurrentProcess
lstrcmpA
lstrcpynW
GetModuleHandleA
ReadFile
LocalFree
GlobalFree
lstrcpyW
ExitProcess
CloseHandle
GlobalAlloc
GetPrivateProfileIntW
GetACP

winmm

sndPlaySoundW
timeGetTime

comdlg32

GetSaveFileNameA
GetOpenFileNameA

comctl32

InitCommonControls
ImageList_ReplaceIcon

shell32

ExtractIconExA
DragFinish
DragQueryFileA

version

VerQueryValueW
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
VerLanguageNameW
GetFileVersionInfoW
GetFileVersionInfoSizeW

ole32

OleUninitialize

gdi32

GetStockObject
SelectObject
SetBkColor
CreateCompatibleDC
DeleteObject
BitBlt
TextOutA
CreateSolidBrush
CreateCompatibleBitmap

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 346KB - Virtual size: 346KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

625710d4987aa95d6de6042bcd7dca83

Headers

File Characteristics

PDB Paths

Imports

rpcrt4

user32

olepro32

msvcrt

shlwapi

kernel32

winmm

comdlg32

comctl32

shell32

version

ole32

gdi32

advapi32

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 346KB - Virtual size: 346KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 346KB - Virtual size: 346KB