0a4a366fb54c196241bf623e00aabe5c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0a4a366fb54c196241bf623e00aabe5c_JaffaCakes118
Size

85KB
MD5

0a4a366fb54c196241bf623e00aabe5c
SHA1

ec9c858de0983c769de0974c35a6061061b2a7ec
SHA256

e72572e1b291a4fafa25a0672fa46cf666517c4ff7da243daa88c2067dd3102c
SHA512

6e73fd8dc3deb35ae6ef2d205984ec1462a75d4932ecc0428be81a84a3e694234bb0adb57ab319c864bbd54c55c21038cd1111cf65b60702d357a6160a5bc0b9
SSDEEP

768:JQXKjX0g08JHLsE+KSEB9EDCjeWM+vMDUyQTOSz3JI4SC9H/PJwPWy4AI3V/sgcK:OXKDLJHLh+KSM+CqWz1LuO/Pz4YQO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a4a366fb54c196241bf623e00aabe5c_JaffaCakes118

Files

0a4a366fb54c196241bf623e00aabe5c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f8fd806f8f8b4dee09ae73e82ce52129

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathCreateFromUrlW
StrCatW
StrTrimW
SHSetValueW
SHGetValueW
wnsprintfA
PathIsRootW
StrChrW
PathRemoveFileSpecW
StrCmpNW
SHDeleteValueW
wnsprintfW
PathAppendW
PathIsRelativeW
PathAddBackslashW
SHDeleteKeyA
StrCmpNIA
PathStripToRootA
SHDeleteKeyW
PathGetDriveNumberW
PathAppendA
StrRChrW
StrToIntW
StrCatBuffW

msvcrt

floor
fread
atoi
_wcsupr
wcschr
rand
isalnum
__set_app_type
strtoul
_wcslwr
?terminate@@YAXXZ
??2@YAPAXI@Z
_ftol
bsearch
__p__fmode
iswdigit
_XcptFilter
wcsrchr
_wcsicmp
mbstowcs
??1type_info@@UAE@XZ
_strdup
_stricmp
calloc
fclose
ceil

ole32

CoTaskMemRealloc
CLSIDFromString
CoDisconnectObject
OleRegGetUserType
CoInitialize
CoTaskMemFree
CoGetObjectContext
CoCreateInstance
CreateBindCtx
StringFromGUID2
PropVariantCopy
StringFromIID
CoGetClassObject
StgOpenStorage
CoReleaseMarshalData
CoMarshalInterface
OleGetAutoConvert
PropVariantClear
CoGetMalloc
OleSaveToStream

user32

MapWindowPoints
IntersectRect
UnregisterClassW
EqualRect
SendMessageW
EndDialog
SetWindowLongA
BeginPaint
RegisterClipboardFormatW
GetMenu
DrawTextW
CharNextW
GetWindowLongA
CharPrevW
ClientToScreen
GetForegroundWindow
EnableMenuItem
GetDC
SetCursor
FindWindowA
SendMessageA
ShowWindow
UnregisterClassA
GetSystemMetrics
CreateWindowExA
IsWindowEnabled
SetWindowTextA
PostMessageW
SetDlgItemTextW
GetWindowLongW
SetMenu
GetSubMenu
GetSystemMenu

kernel32

OpenProcess
GetStdHandle
FindNextFileW
GetThreadLocale
FileTimeToSystemTime
lstrcatA
VirtualFree
lstrcpynA
GetFileType
ExitProcess
GetCurrentProcessId
GetFullPathNameW
IsBadWritePtr
GetConsoleOutputCP
VirtualAlloc
GetCurrentThread
IsBadCodePtr
MapViewOfFile
SetThreadPriority
FindFirstFileA

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 19KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 41KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f8fd806f8f8b4dee09ae73e82ce52129

Headers

File Characteristics

Imports

shlwapi

msvcrt

ole32

user32

kernel32

Sections

.text Size: 12KB - Virtual size: 11KB

DATA Size: 11KB - Virtual size: 10KB

.rdata Size: 19KB - Virtual size: 34KB

.idata Size: 41KB - Virtual size: 87KB

.text
Size: 12KB - Virtual size: 11KB

DATA
Size: 11KB - Virtual size: 10KB

.rdata
Size: 19KB - Virtual size: 34KB

.idata
Size: 41KB - Virtual size: 87KB