08aa90ae3100d0212c317d43dc668134_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

08aa90ae3100d0212c317d43dc668134_JaffaCakes118
Size

283KB
MD5

08aa90ae3100d0212c317d43dc668134
SHA1

2f0af0ea384b8d086f36a572a0b0f6e90a96d514
SHA256

e6b9a3cf077511ff3e140e5bdc95ce21fa6e7f0dedd8150b4b420f1a8c947ad2
SHA512

0753f83ce445e179dd366bc4c3fce4c5bc3e11af925a9a14342a8a88ce864620c189eda129c1404ed4f4773ec8fc8920c2f5839dc86b29fe85d6eb99d55a4bd1
SSDEEP

6144:3mUgTBzpo1orZmsOYJksobO9H+fGB3Xw8nfovmXagRKzR:2TB2a4YmI9Rhw8fovmeR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08aa90ae3100d0212c317d43dc668134_JaffaCakes118

Files

08aa90ae3100d0212c317d43dc668134_JaffaCakes118
.exe windows:4 windows x86 arch:x86

09855346514b64bf1d5ed9ecbf371d6f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CallWindowProcW
EqualRect
EnableMenuItem
CreatePopupMenu
MoveWindow
DestroyWindow
IsWindow
SetWindowRgn
SetPropW
DestroyMenu
DestroyIcon
GetDlgItem
GetDC
TrackPopupMenu
GetPropA
GetWindowTextLengthW
RedrawWindow
TranslateMessage
SendDlgItemMessageW
GetWindow
CharNextA
PtInRect
SetWindowTextA
GetKeyState

advapi32

QueryServiceStatus
RegDeleteKeyW
RegDeleteKeyA
RegEnumKeyExW
RegOpenKeyW
RegCreateKeyExW
OpenThreadToken
RegQueryValueExW

kernel32

FindClose
SetLastError
QueryPerformanceFrequency
LoadLibraryA
DeleteFileA
DeleteCriticalSection
EnumSystemLocalesA
WriteFile
VirtualAlloc
OutputDebugStringW
InterlockedDecrement
GetEnvironmentStringsW
Sleep
SetUnhandledExceptionFilter
SetHandleCount
FindNextFileW
LoadResource
GetModuleHandleA
FileTimeToSystemTime
InterlockedIncrement
GetOEMCP
GetCommandLineA
GetProcAddress
GetLastError
ExitProcess
TerminateProcess
CloseHandle
InterlockedExchange
FileTimeToLocalFileTime
GetStringTypeW
lstrcpyA
GetStartupInfoA
InitializeCriticalSection
GetCurrentThreadId
LeaveCriticalSection
SizeofResource
LCMapStringA
SetConsoleCP
GetSystemTimeAsFileTime
IsValidCodePage
GlobalFree
GetFileType
EnterCriticalSection
GetCurrentProcessId
LockResource
GetModuleFileNameA
GetSystemDefaultLCID
SetEvent
HeapAlloc
GetACP
UnhandledExceptionFilter
TlsGetValue
SetStdHandle
GetTempPathA
VirtualProtect
GetCPInfo

gdi32

Rectangle
RestoreDC
CreateFontIndirectW
GetDIBits
GetDeviceCaps

msvcrt

??1type_info@@UAE@XZ
_XcptFilter
memcpy
__dllonexit
_wcsicmp
malloc
_controlfp
_adjust_fdiv
wcsrchr
_unlock

ole32

CoCreateInstance
CoTaskMemFree

rpcrt4

RpcStringFreeW

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

09855346514b64bf1d5ed9ecbf371d6f

Headers

DLL Characteristics

File Characteristics

Imports

user32

advapi32

kernel32

gdi32

msvcrt

ole32

rpcrt4

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 51KB - Virtual size: 76KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 51KB - Virtual size: 76KB