0ce9fff95da9a85187b4af68b6857cd4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0ce9fff95da9a85187b4af68b6857cd4_JaffaCakes118
Size

300KB
MD5

0ce9fff95da9a85187b4af68b6857cd4
SHA1

5db432bfd00c3b5792c8b1704b8baff550798fb1
SHA256

1a31438aba2f4057b650f1a2b80be819beb2598b52cb932b6cbd697d504d4180
SHA512

7f834a0fff2776b043c664ea1eecf108aa5ac4bb534ccda0651151875c7559c41c722dbbfa06a49b315d70ac034cbb57506a8a521ad0c04a0597295142985013
SSDEEP

6144:KRPAKEgJWXmAMDO9rOOYELJ9GH6UQprOeY7G9zKHwJu5o4NjPo:CA1gJM8C9FYELJ94QpGG9eQUXNjw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ce9fff95da9a85187b4af68b6857cd4_JaffaCakes118

Files

0ce9fff95da9a85187b4af68b6857cd4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

085300b3da24e99d896def59c033b4a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ReleaseCapture
OffsetRect
MapWindowPoints
SendMessageA
PtInRect
MessageBeep
RegisterClassA
LoadStringA
ScreenToClient
RegisterClipboardFormatA
RegisterWindowMessageA
PostQuitMessage
LoadIconA
LoadBitmapA
OpenClipboard
LoadCursorA
RedrawWindow
SendMessageW
PeekMessageW
ReleaseDC
RemovePropA
MapVirtualKeyA
LoadKeyboardLayoutA
OemToCharA
SetActiveWindow
ScrollWindow
RemoveMenu
MessageBoxA
PeekMessageA
PostMessageA

kernel32

GetProcAddress
VirtualAlloc
GetModuleHandleA
LoadLibraryExA
GetOEMCP
ExitThread
VirtualAllocEx
lstrlenA
GetCommandLineA
GetCommandLineW
ExitProcess
GetModuleHandleW
IsBadHugeReadPtr

oleaut32

SafeArrayGetUBound
SafeArrayCreate
VariantCopyInd
VariantChangeType
SafeArrayGetElement

comctl32

ImageList_DragShowNolock
ImageList_Add
ImageList_GetBkColor
ImageList_Write
ImageList_Draw
ImageList_Destroy
ImageList_Remove
ImageList_DrawEx
ImageList_Read
ImageList_Create

gdi32

GetRgnBox
CreateBitmap
GetBitmapBits
BitBlt
RestoreDC
GetObjectA

comdlg32

GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA
ChooseColorA

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 228KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fdata
Size: 512B - Virtual size: 215B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 836B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

085300b3da24e99d896def59c033b4a3

Headers

File Characteristics

Imports

user32

kernel32

oleaut32

comctl32

gdi32

comdlg32

Sections

.text Size: 55KB - Virtual size: 54KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 228KB - Virtual size: 228KB

.fdata Size: 512B - Virtual size: 215B

DATA Size: 8KB - Virtual size: 8KB

.hdata Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 836B

.text
Size: 55KB - Virtual size: 54KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 228KB - Virtual size: 228KB

.fdata
Size: 512B - Virtual size: 215B

DATA
Size: 8KB - Virtual size: 8KB

.hdata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 836B