Static task
static1
Behavioral task
behavioral1
Sample
0a6821030a8e82dd97ce8f3268f36a67_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0a6821030a8e82dd97ce8f3268f36a67_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
0a6821030a8e82dd97ce8f3268f36a67_JaffaCakes118
Size
184KB
MD5
0a6821030a8e82dd97ce8f3268f36a67
SHA1
04206288147cfb21fe8c3ec2a2c85564f2053755
SHA256
209644d2ee80c19dfd59d93742b653e61d645edc138008842af1598ab0d279e9
SHA512
e5c68e306f256cc721deff6ac3a29603774c7faa3f6f1cab6af2ccc20259a2552ef3aeb99eb8332c01f10c4cdd9b1b7f4015ce20c2d794750464cf912b6587f0
SSDEEP
3072:Ie6lXYMmjunHTOT4+UM9sQOvDyBPzGN/GZ2tu/TG4cxhILl+Z8bSnLq+0qD:8Ajuzr+UMIbu7GN/lcS4cxhTnLqa
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 0a6821030a8e82dd97ce8f3268f36a67_JaffaCakes118
Files
0a6821030a8e82dd97ce8f3268f36a67_JaffaCakes118.exe windows:4 windows x86 arch:x86
1d5532a58256de6e4450b0f2c314ea2d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStringTypeW
GetSystemInfo
TlsAlloc
TlsGetValue
LoadLibraryW
LocalAlloc
lstrlenW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
IsBadWritePtr
VirtualAlloc
HeapAlloc
FatalAppExitA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetFileSize
RtlUnwind
HeapFree
VirtualFree
GetCurrentThread
GetLastError
SetLastError
DeleteCriticalSection
GetStdHandle
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
TerminateProcess
ExitProcess
GetVersion
GetModuleHandleA
SetEndOfFile
GetCommandLineA
CreateThread
GetFileType
GlobalAlloc
HeapReAlloc
SizeofResource
GetCurrentProcess
GetStartupInfoA
GetACP
HeapCreate
GetConsoleMode
TlsSetValue
GetSystemTimeAsFileTime
lstrlenA
FreeEnvironmentStringsW
SetUnhandledExceptionFilter
FindFirstFileW
GetStringTypeA
GlobalFree
GetFileAttributesW
GetCurrentProcessId
LoadResource
GetCommandLineW
HeapSize
RegisterWaitForSingleObject
GetCurrentThreadId
FormatMessageW
SetHandleCount
SetErrorMode
HeapDestroy
FlushFileBuffers
SetEvent
TlsFree
CreateFileW
GetProcessHeap
Sleep
LoadLibraryExW
GetCPInfo
SetStdHandle
LCMapStringW
GetTickCount
GetOEMCP
CreateEventW
WriteFile
VirtualAllocEx
user32
SetWindowPos
DestroyIcon
ReleaseDC
GetSubMenu
SendMessageW
SetCapture
CreateWindowExW
ClientToScreen
AdjustWindowRectEx
GetMenuStringW
CreateWindowExA
SetWindowTextW
MessageBeep
SetMenuItemInfoA
AllowSetForegroundWindow
MoveWindow
GetCursorPos
DestroyWindow
GetKeyState
ShowWindowAsync
GetMenu
LoadStringW
LoadIconA
DefWindowProcW
PostMessageW
DestroyMenu
RegisterClassW
SetActiveWindow
GetClientRect
InflateRect
CheckMenuItem
GetActiveWindow
OffsetRect
ReleaseCapture
DrawFocusRect
SetWindowLongW
TrackPopupMenu
GetMenuItemCount
UnregisterClassA
PtInRect
ole32
OleUninitialize
OleRegGetUserType
OleIsRunning
OleInitialize
CoCreateGuid
CreateBindCtx
CoCreateInstance
CoInitializeSecurity
CoSetProxyBlanket
GetRunningObjectTable
OleRun
CoRevokeClassObject
CoRegisterMessageFilter
CoTaskMemFree
CoTaskMemAlloc
RegisterDragDrop
StgCreateDocfileOnILockBytes
ReleaseStgMedium
CoDisconnectObject
CoQueryProxyBlanket
CoLockObjectExternal
OleFlushClipboard
CLSIDFromString
CreateILockBytesOnHGlobal
CLSIDFromProgID
CoInitialize
CoUninitialize
RevokeDragDrop
CreateStreamOnHGlobal
CoFreeUnusedLibraries
StringFromCLSID
CoGetClassObject
advapi32
RegEnumValueA
RegOpenKeyExA
CryptAcquireContextA
CloseServiceHandle
CryptReleaseContext
RegDeleteValueA
InitializeAcl
InitializeSecurityDescriptor
DeregisterEventSource
GetLengthSid
AdjustTokenPrivileges
RegQueryValueExW
AllocateAndInitializeSid
CryptHashData
RegQueryValueExA
RegEnumKeyExW
LookupPrivilegeValueA
EqualSid
QueryServiceStatus
CryptDestroyHash
OpenThreadToken
GetTokenInformation
RegCloseKey
CryptGenRandom
AddAccessAllowedAceEx
RegQueryInfoKeyW
RegCreateKeyExW
RegEnumKeyExA
RegDeleteKeyW
RegSetValueExW
OpenServiceW
FreeSid
RegDeleteValueW
RegEnumValueW
RevertToSelf
RegCreateKeyExA
RegOpenKeyExW
SetSecurityDescriptorDacl
RegDeleteKeyA
RegSetValueExA
AddAccessAllowedAce
CryptCreateHash
OpenProcessToken
CryptAcquireContextW
Sections
.text Size: 28KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128KB - Virtual size: 224KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ