0a1eb2293e86773d87a0087fdde048ca_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0a1eb2293e86773d87a0087fdde048ca_JaffaCakes118
Size

849KB
MD5

0a1eb2293e86773d87a0087fdde048ca
SHA1

7ea0cc879ab51694861958bea027815ddd3e74d0
SHA256

e98535bf1f014b76286b96681daff558b0e9b4782dea0be7e703617e57dd6a0e
SHA512

211e8f61bcf8310b2d1ac5d0345ce08650374fd76f401e45173f8baf25213a80e218ef38fd7cf722a7e4053dd7864ac7cf69f54625fe9947edb1abc4d0c2b86f
SSDEEP

24576:/6XqAaeKch19xKNoTjJubG8vQDPbxZEJNyssWwcQK:8qAaeKch19xKNoTl+G8vQjbkUssWwQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/CWBUITSK.EXE
unpack001/NvTaskbarInh.exe

Files

0a1eb2293e86773d87a0087fdde048ca_JaffaCakes118
.cab
CWBUITSK.EXE
.exe windows:4 windows x86 arch:x86

85fb6059f4c97e66cfa998c72db15720

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

cwbcf

ord193

cwbco

ord365

cwbbb1

ord74
ord77
ord107
ord67
ord72

cwbnl1

ord12
ord9
ord4
ord15

cwbmsgbx

ord4
ord3
ord5

kernel32

WinExec
LoadLibraryA
GetProcAddress
FreeLibrary
GetLastError
CreateFileMappingA
lstrcpynA
CloseHandle
GetVersionExA
lstrcmpA
GetStartupInfoA
Sleep
GetVersion
GetModuleHandleA

user32

GetSubMenu
SetMenuDefaultItem
TrackPopupMenu
GetKeyState
LoadMenuA
CreateDialogParamA
GetWindowRect
GetSystemMetrics
MoveWindow
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
DestroyWindow
DestroyMenu
ShowWindow
LoadImageA
GetDlgItem
SetFocus
GetMenuItemInfoA
PostQuitMessage
GetAsyncKeyState
GetCursorPos
SetForegroundWindow
SetMenuItemInfoA
DestroyIcon
SetTimer
KillTimer

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

shell32

ShellExecuteA
Shell_NotifyIconA

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
__getmainargs
_initterm
__p__acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
getenv
__CxxFrameHandler

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 864B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
NvTaskbarInh.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 186KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 12B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 756KB - Virtual size: 755KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85fb6059f4c97e66cfa998c72db15720

Headers

File Characteristics

Imports

cwbcf

cwbco

cwbbb1

cwbnl1

cwbmsgbx

kernel32

user32

advapi32

shell32

msvcrt

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 512B - Virtual size: 512B

.data Size: 1024B - Virtual size: 6KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 864B - Virtual size: 5KB

Headers

File Characteristics

Sections

CODE Size: 186KB - Virtual size: 186KB

DATA Size: 5KB - Virtual size: 4KB

BSS Size: - Virtual size: 2KB

.idata Size: 4KB - Virtual size: 3KB

.tls Size: - Virtual size: 12B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 9KB - Virtual size: 9KB

.rsrc Size: 756KB - Virtual size: 755KB

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 512B - Virtual size: 512B

.data
Size: 1024B - Virtual size: 6KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 864B - Virtual size: 5KB

CODE
Size: 186KB - Virtual size: 186KB

DATA
Size: 5KB - Virtual size: 4KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 4KB - Virtual size: 3KB

.tls
Size: - Virtual size: 12B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 756KB - Virtual size: 755KB