0af2c8121528a201bd126c40f53f86b2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0af2c8121528a201bd126c40f53f86b2_JaffaCakes118
Size

282KB
MD5

0af2c8121528a201bd126c40f53f86b2
SHA1

3965a7d37c995f1787b9951eb836191c5fe9d43b
SHA256

61a8ed28fa6460ebbc242b4c20cbbd577e0e1220cb60236178699e014db0f197
SHA512

8189de1a86e3c56e5394daaa6361703a793f24c1d6ea0c748a96acf5a878cbced5ca84e74f12754ca1cfc228799affcd2e73445b8d1b685591c380eb8b513746
SSDEEP

6144:GKa30a7IZ18oBaAbmjMXaxJ8tLIqiFOZLka3JXdTpuW9MRi:Gv3tQygGiLIqlX7uW9N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0af2c8121528a201bd126c40f53f86b2_JaffaCakes118

Files

0af2c8121528a201bd126c40f53f86b2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

60eb675386c719f3d757e0403ed27b1c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
GetStringTypeA
DeleteFiber
GetEnvironmentStringsW
GetModuleFileNameW
InitializeCriticalSection
HeapAlloc
WideCharToMultiByte
SetUnhandledExceptionFilter
LCMapStringA
TlsFree
WriteConsoleOutputAttribute
GetVolumeInformationW
FreeEnvironmentStringsW
SetHandleCount
SetLastError
EnumSystemLocalesA
GetStartupInfoA
GetStartupInfoW
CreateDirectoryA
SetConsoleCtrlHandler
GetCommandLineA
GetStdHandle
GetCurrentThread
SetCurrentDirectoryW
GetTimeZoneInformation
TlsAlloc
GetProcessHeap
GetProcAddress
DeleteFileW
GetOEMCP
UnhandledExceptionFilter
SleepEx
GetCPInfo
FlushViewOfFile
GetUserDefaultLCID
VirtualQuery
IsValidLocale
TlsSetValue
LeaveCriticalSection
FreeEnvironmentStringsA
HeapCreate
Sleep
GetLocaleInfoW
HeapReAlloc
IsValidCodePage
ExitProcess
DebugActiveProcess
CreateRemoteThread
VirtualAlloc
VirtualFree
QueryPerformanceCounter
GetCurrentProcess
InterlockedDecrement
GetModuleHandleA
GetFileType
HeapDestroy
HeapSize
GetCurrentThreadId
MultiByteToWideChar
TlsGetValue
GetACP
GetLastError
GetCurrentProcessId
GetModuleFileNameA
InterlockedIncrement
FreeLibrary
LocalFlags
GetTickCount
GetTimeFormatA
DeleteCriticalSection
GetEnvironmentStrings
SetEnvironmentVariableA
LCMapStringW
RtlUnwind
GetDateFormatA
GetSystemTimeAsFileTime
InterlockedExchange
IsDebuggerPresent
CompareStringW
CompareStringA
GetLocaleInfoA
WriteFile
GetStringTypeW
GetVersionExA
HeapFree
TerminateProcess
LoadLibraryA
GetCommandLineW

user32

GetPriorityClipboardFormat
EnumChildWindows
RegisterDeviceNotificationW
GetMessageA
OemKeyScan
EnableScrollBar
SetMenuItemBitmaps

gdi32

UpdateICMRegKeyW
GetDIBits
TranslateCharsetInfo
SetMetaRgn
GetWinMetaFileBits
FixBrushOrgEx
GetPixelFormat
GetColorSpace
gdiPlaySpoolStream
CreatePalette
ColorCorrectPalette
FillRgn
SetViewportExtEx
CheckColorsInGamut
SetViewportOrgEx
SetAbortProc
CreateMetaFileW
CopyMetaFileW
SetArcDirection
SetBkMode
AddFontResourceW
TextOutA
CreateRoundRectRgn
GetNearestColor
CopyEnhMetaFileW

shell32

SHUpdateRecycleBinIcon
SheChangeDirA
InternalExtractIconListA
ExtractAssociatedIconW
FindExecutableA
SheGetDirA
CommandLineToArgvW
ShellHookProc
DoEnvironmentSubstA
SHGetSpecialFolderPathA
ExtractAssociatedIconA
SHGetNewLinkInfo
ShellAboutW
SHQueryRecycleBinW
SHFileOperationW
ExtractAssociatedIconExW
ExtractIconEx
SHChangeNotify

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

60eb675386c719f3d757e0403ed27b1c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

Sections

.text Size: 126KB - Virtual size: 125KB

.data Size: 140KB - Virtual size: 145KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 126KB - Virtual size: 125KB

.data
Size: 140KB - Virtual size: 145KB

.rsrc
Size: 15KB - Virtual size: 15KB