0a9a0027365b7108f218687998b7ed71_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0a9a0027365b7108f218687998b7ed71_JaffaCakes118
Size

431KB
MD5

0a9a0027365b7108f218687998b7ed71
SHA1

e820d45738c2fdd259a164e565c48613f3f29445
SHA256

e782a0272da59494d8fd43563d78c2d8140d8c3d5e24ea7413fe723a137087d4
SHA512

fd04128d968f433c055682bc600cc44c9e11a7df24bbe5e4f9e5f86edba1fa5349b2dedb3deb1ac5939a15f4fb387e71da180d8d94cb1abba0ae753d475d585e
SSDEEP

12288:dMKWY43DziwNKvzSJRg4wr4/ihGrd6Me9Tofv7+s+OqL:dMKWT2wKOQ4wrOPrgMsyviz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a9a0027365b7108f218687998b7ed71_JaffaCakes118

Files

0a9a0027365b7108f218687998b7ed71_JaffaCakes118
.exe windows:4 windows x86 arch:x86

05324361fbe3bab8ee38110c8a5fefe2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dnsapi

DnsReplaceRecordSetW
DnsValidateName_UTF8
DnsApiAlloc

comctl32

ImageList_GetIconSize
ImageList_Draw
ImageList_Destroy
CreateToolbarEx
PropertySheetW
CreatePropertySheetPageW
InitCommonControlsEx

kernel32

GetLocaleInfoW
CompareStringA
ExitThread
FindClose
InterlockedExchange
CopyFileW
GetSystemInfo
ConvertDefaultLocale
CloseHandle
DuplicateHandle
SetHandleCount
GetCPInfo
GlobalHandle
GetStartupInfoW
CompareStringW
lstrlenA
GetUserDefaultLCID
lstrcmpiW
WaitForSingleObject
GetStringTypeExW
GetCurrentThread
CreateThread
GlobalUnlock
MoveFileW
IsDebuggerPresent
WritePrivateProfileStringW
SuspendThread
GetCurrentProcess
CreateProcessW
GetModuleHandleA
GetVersionExW
GetAtomNameW
HeapCreate
LCMapStringA
GetPrivateProfileIntW
FlushFileBuffers
GetLastError
CreateEventW
DeleteCriticalSection
SystemTimeToFileTime
GetEnvironmentStrings
SetErrorMode
SetEvent
VirtualAlloc
UnhandledExceptionFilter
GetCommandLineW
FileTimeToSystemTime
GetFileSize
SetThreadPriority
lstrlenW
InterlockedIncrement
LoadResource
DeleteFileW
ResetEvent
SizeofResource
FormatMessageW
SetFilePointer
LocalAlloc
FindResourceW
FreeEnvironmentStringsA
GetFileAttributesW
GetVersion
HeapFree
GetCurrentProcessId
GetCurrentThreadId
FindNextFileW
TerminateProcess
FindFirstFileW
GlobalFindAtomW
HeapAlloc
LocalFileTimeToFileTime
GlobalReAlloc
WriteFile
GlobalGetAtomNameW
GetFileTime
IsValidCodePage
EnumResourceLanguagesW
GetFileAttributesA
FatalAppExitA
GlobalSize
GlobalFlags
GlobalLock
SetFileTime
GetPrivateProfileStringW
GetVolumeInformationW
GetACP
TlsAlloc
VirtualFree
EnterCriticalSection
FileTimeToLocalFileTime
GlobalAlloc
GetProcessHeap
GetVersionExA
HeapReAlloc
LeaveCriticalSection
SetLastError
GetDriveTypeW
GlobalFree
GetShortPathNameW
CreateFileW
GetStdHandle
Sleep
GetCurrentDirectoryA
lstrcpyA
ResumeThread
SetEndOfFile
LCMapStringW
GetCommandLineA
SetFileAttributesW
GlobalAddAtomW
MulDiv
FreeResource
GetModuleFileNameW
ReadFile
LockFile
InitializeCriticalSection
LockResource
TlsFree
UnlockFile
InterlockedDecrement
GlobalDeleteAtom
GetThreadLocale
HeapDestroy
GetFullPathNameW
lstrcmpA
SetUnhandledExceptionFilter
TlsGetValue
GetEnvironmentStringsW
LoadLibraryA
lstrcmpW
GetOEMCP
SetCurrentDirectoryA
WideCharToMultiByte
HeapSize
FreeEnvironmentStringsW
RtlUnwind
ExitProcess
LocalReAlloc
TlsSetValue
RaiseException

comdlg32

PrintDlgA
GetOpenFileNameA

msvcrt

isupper
_snwprintf
isdigit
strtoul
malloc
wcslen
wcscmp
atol
memmove
wcscat
wcscpy
strncmp
_commit
bsearch
_wcsicmp
_onexit
_wcsnicmp
_adjust_fdiv
_except_handler3
_ltow
_ltoa
free
wcschr
_initterm
__dllonexit
_ultoa
isxdigit
qsort
sprintf
_itow

Sections

.data
Size: 251KB - Virtual size: 920KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

05324361fbe3bab8ee38110c8a5fefe2

Headers

File Characteristics

Imports

dnsapi

comctl32

kernel32

comdlg32

msvcrt

Sections

.data Size: 251KB - Virtual size: 920KB

.rdata Size: 76KB - Virtual size: 75KB

.rsrc Size: 18KB - Virtual size: 17KB

.text Size: 84KB - Virtual size: 84KB

.data
Size: 251KB - Virtual size: 920KB

.rdata
Size: 76KB - Virtual size: 75KB

.rsrc
Size: 18KB - Virtual size: 17KB

.text
Size: 84KB - Virtual size: 84KB