0cf62e43efb824661608aa0b24ec8590_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0cf62e43efb824661608aa0b24ec8590_JaffaCakes118
Size

257KB
MD5

0cf62e43efb824661608aa0b24ec8590
SHA1

b636afd556dd1f3f55bb615e9f7b411deedbb049
SHA256

062dc8a26f2109e1339b41a2d6af823a7f68563407a1d4ee448ec685e40935b2
SHA512

23f3298f185455696d74dac1b8ded229ce4de8e6c6527740c5858ebb2b103bc591621dafe815c091672c5492fb52941e84203399b2189155b20557aa9c545793
SSDEEP

6144:XQIKm6iVyuQ18c87yuWVsN1OpwekxjtQG+FpEHmNqP1N:AEhEpaB1LiatQHSft

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cf62e43efb824661608aa0b24ec8590_JaffaCakes118

Files

0cf62e43efb824661608aa0b24ec8590_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1e848585f5a125f877bbb3ec664d38db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapLock
GetFileType
VirtualProtectEx
lstrcmpi
GetCommandLineA
GetTimeFormatA
HeapAlloc
TlsSetValue
LeaveCriticalSection
HeapCreate
SetHandleCount
SetCriticalSectionSpinCount
GetUserDefaultLangID
WaitForDebugEvent
LCMapStringA
LCMapStringW
WideCharToMultiByte
GetDateFormatA
GetEnvironmentStrings
SystemTimeToTzSpecificLocalTime
IsValidCodePage
CompareStringW
GetEnvironmentStringsW
DeleteCriticalSection
ReadConsoleOutputCharacterA
GetLocaleInfoW
SetEnvironmentVariableA
GetCurrentThread
GetProcAddress
SetConsoleCtrlHandler
GetCommandLineW
TlsFree
GetVolumeInformationW
CompareStringA
InitializeCriticalSection
GetModuleFileNameW
VirtualQuery
GetVersionExA
TlsAlloc
HeapSize
SetThreadPriority
GetStartupInfoW
MultiByteToWideChar
GetCPInfo
HeapReAlloc
GetUserDefaultLCID
ExitProcess
GetPrivateProfileIntA
GlobalLock
VirtualAlloc
TlsGetValue
QueryPerformanceCounter
GetCurrentProcess
GetStringTypeW
GetModuleHandleA
FreeEnvironmentStringsA
GetStdHandle
GetStringTypeA
GetCurrentThreadId
IsBadWritePtr
VirtualFree
RemoveDirectoryA
FreeEnvironmentStringsW
GetCurrentProcessId
WriteFile
GetSystemInfo
GetStartupInfoA
EnumResourceLanguagesA
GetTickCount
GetLocaleInfoA
WritePrivateProfileStringW
EnumSystemLocalesA
IsValidLocale
HeapDestroy
RtlUnwind
EnterCriticalSection
GetSystemTimeAsFileTime
InterlockedExchange
GetTimeZoneInformation
SetUnhandledExceptionFilter
FindFirstFileExW
GetACP
VirtualProtect
GetLastError
GetOEMCP
HeapFree
TerminateProcess
LoadLibraryA
FillConsoleOutputCharacterW
SetLastError
UnhandledExceptionFilter
EnumTimeFormatsW
GetModuleFileNameA

comdlg32

GetOpenFileNameW
FindTextW
ChooseFontW
FindTextA
GetSaveFileNameA

advapi32

RegOpenKeyW
RegNotifyChangeKeyValue
RegQueryMultipleValuesW
RegQueryInfoKeyA
RegQueryValueA
CreateServiceW
RegSetValueW
CryptGetKeyParam
RegEnumKeyW
RegSaveKeyW
RegCreateKeyExA
CryptVerifySignatureA
RegQueryInfoKeyW
CryptGetDefaultProviderA
RegEnumKeyA
LogonUserW
RegEnumValueA
CryptAcquireContextW
CryptGetDefaultProviderW
RegDeleteValueA
StartServiceA
CryptContextAddRef
CreateServiceA

gdi32

GetRandomRgn
SetWorldTransform
EnumICMProfilesW
GetTextMetricsA
ResizePalette
EnumEnhMetaFile
SetFontEnumeration
GetGlyphOutlineA
CreatePen
GetBrushOrgEx
RoundRect
GetViewportOrgEx
CombineRgn
DeleteDC
EnumMetaFile
SetPaletteEntries
AnimatePalette
SetTextAlign
LineDDA
GetFontLanguageInfo
IntersectClipRect
GetCharWidth32W
GdiPlayDCScript
CreateDIBPatternBrush

Sections

.text
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e848585f5a125f877bbb3ec664d38db

Headers

File Characteristics

Imports

kernel32

comdlg32

advapi32

gdi32

Sections

.text Size: 115KB - Virtual size: 114KB

.data Size: 136KB - Virtual size: 166KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 115KB - Virtual size: 114KB

.data
Size: 136KB - Virtual size: 166KB

.rsrc
Size: 5KB - Virtual size: 5KB