0aa2b92cf94acbd348010055ec80d094_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0aa2b92cf94acbd348010055ec80d094_JaffaCakes118
Size

248KB
MD5

0aa2b92cf94acbd348010055ec80d094
SHA1

456783899eb75ff6e8652c9d1e3511f82be18500
SHA256

a033a8ad136aa2ed168fc8b43861681da01ce2c51384c8fae5759bad060d1638
SHA512

de59fa069759fcbded1401d6235a33fe27c192d07929cbacf1a97b3fc138d875fb6e428c3c67bc17d3dfa7db8ea58166536d7ca9ec357d4bb47e876f4b2fdddf
SSDEEP

3072:4Xay56Heqt16sgkTh2PI0jWqKggqmvEdEh/N7APlFWhqea0rn:qayYHtJBJP+mvESh/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0aa2b92cf94acbd348010055ec80d094_JaffaCakes118

Files

0aa2b92cf94acbd348010055ec80d094_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a4db46b0c6dc7cf594245a022fb1012c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetLastError
ReadFile
CreateFileW
WideCharToMultiByte
GetFileSize
lstrcmpW
lstrcmpiW
FlushConsoleInputBuffer
GetStdHandle
HeapAlloc
GetProcessHeap
HeapFree
DebugBreak
WriteConsoleW
FillConsoleOutputCharacterW
SetConsoleCursorPosition
ReadConsoleW
GetConsoleScreenBufferInfo
GetFileType
GetLocaleInfoW
GetUserDefaultLCID
FileTimeToSystemTime
FileTimeToLocalFileTime
SystemTimeToFileTime
GetSystemTime
GetLocalTime
SetLocalTime
SetConsoleMode
GetConsoleMode
GetCommandLineW
GetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetEnvironmentVariableW
SetErrorMode
GetVDMCurrentDirectories
CreateProcessW
GetCurrentThreadId
GetFileAttributesW
GetBinaryTypeW
ReadProcessMemory
GetProcAddress
LoadLibraryW
MultiByteToWideChar
CloseHandle
MoveFileExW
SetConsoleTitleW
WriteFile
SearchPathW
GetVolumeInformationW
GetModuleHandleW
GetConsoleTitleW
GetWindowsDirectoryW
SetConsoleCtrlHandler
InitializeCriticalSection
ExpandEnvironmentStringsW
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection
GetVersion
GetDriveTypeW
GetFileAttributesExW
VirtualFree
VirtualAlloc
HeapSize
HeapReAlloc
DuplicateHandle
FlushFileBuffers
FormatMessageW
ScrollConsoleScreenBufferW
SetConsoleTextAttribute
FillConsoleOutputAttribute
CreateDirectoryW
DeleteFileW
SetFileAttributesW
CopyFileW
SetFileTime
SetCurrentDirectoryW
TerminateProcess
GetExitCodeProcess
WaitForSingleObject
GetCurrentDirectoryW
RemoveDirectoryW
CompareFileTime
LocalFree
VirtualQuery
GetThreadLocale
FindFirstFileW
FindNextFileW
FindClose
GetFullPathNameW
SetFilePointer
GetConsoleOutputCP
GetCPInfo
SetThreadLocale
CmdBatNotification
SetLastError
MoveFileW
GetDiskFreeSpaceExW
LoadLibraryA
RaiseException
InterlockedExchange
LocalAlloc
FreeLibrary

user32

MessageBeep
GetThreadDesktop
GetUserObjectInformationW
GetProcessWindowStation

advapi32

RegQueryValueExW
RegSetValueW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegOpenKeyW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
GetSecurityInfoExW

msvcrt

longjmp
wcslen
wcscpy
_tell
towupper
wcsspn
_get_osfhandle
_getch
wcscat
_snwprintf
wcstol
wcscmp
wcsncpy
wcschr
memmove
_pclose
fgets
_popen
_wcsnicmp
_wcsicmp
iswspace
iswdigit
_wcsupr
setlocale
towlower
wcsrchr
fprintf
_iob
swprintf
rand
printf
iswalpha
wcstoul
free
malloc
_except_handler3
_setjmp3
fflush
srand
time
_wtol
iswxdigit
exit
_setmode
_seh_longjmp_unwind
wcsncmp
_pipe
_ultoa
swscanf
realloc
_close
_open_osfhandle
_dup
_dup2
wcsstr
_vsnwprintf
qsort
_wcslwr
calloc
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp

Sections

.text
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a4db46b0c6dc7cf594245a022fb1012c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

Sections

.text Size: 107KB - Virtual size: 107KB

.data Size: 4KB - Virtual size: 52KB

.rsrc Size: 135KB - Virtual size: 135KB

.text
Size: 107KB - Virtual size: 107KB

.data
Size: 4KB - Virtual size: 52KB

.rsrc
Size: 135KB - Virtual size: 135KB