Static task
static1
Behavioral task
behavioral1
Sample
0b53307ab2490d8d1d059ba29d368c12_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0b53307ab2490d8d1d059ba29d368c12_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
0b53307ab2490d8d1d059ba29d368c12_JaffaCakes118
Size
96KB
MD5
0b53307ab2490d8d1d059ba29d368c12
SHA1
03d425973ff6bbaae16ec2c4c05c4dc859a1638c
SHA256
9fc1ceb7e6e66d194e8646030b0e0cdee9a18ac96461b2bfadf1a73673c9a923
SHA512
919ac656dc23a580a6c60449e68e107b15d3cd7dee50759a36954dd102ebe00a59ec87e5506aa64378a44dc9ffa14b1ff391b95aac7b2216293a574f739c2e96
SSDEEP
1536:ThdA5+7nqA/kqdRZCbn8cItnUQ1z1XaBzPVbSGhYolpIHLffUydN8N:ThGU7Lcjbn8B2yRaBr1xD/IHwyduN
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0b53307ab2490d8d1d059ba29d368c12_JaffaCakes118
Files
0b53307ab2490d8d1d059ba29d368c12_JaffaCakes118.exe windows:4 windows x86 arch:x86
99e789b8477d7a447f5b5d471e7d4ccb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comdlg32
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA
shlwapi
SHStrDupA
PathGetCharTypeA
SHGetValueA
SHEnumValueA
PathFileExistsA
PathIsContentTypeA
SHQueryInfoKeyA
kernel32
GetEnvironmentStrings
GetACP
SetEndOfFile
GetCommandLineA
GetModuleFileNameA
GetVersion
VirtualFree
FindFirstFileA
GetLocalTime
GetDiskFreeSpaceA
GetProcessHeap
LocalReAlloc
ExitThread
LoadLibraryA
FindClose
SetEvent
GetCurrentProcess
lstrcpynA
MoveFileA
VirtualAllocEx
MoveFileExA
lstrcpyA
CreateFileA
GetTickCount
GetLastError
GlobalAddAtomA
DeleteCriticalSection
GlobalDeleteAtom
SetErrorMode
lstrlenA
LoadLibraryExA
CloseHandle
RaiseException
GetLocaleInfoA
CreateThread
FreeLibrary
VirtualQuery
GlobalAlloc
GetThreadLocale
WriteFile
SetFilePointer
LockResource
WaitForSingleObject
GetCurrentThreadId
HeapDestroy
GetModuleHandleA
VirtualAlloc
DeleteFileA
user32
LoadCursorA
CharNextW
SetWindowsHookExA
EmptyClipboard
GetKeyboardState
GetMenu
GetWindowTextA
GetActiveWindow
SetMenu
GetDC
GetKeyNameTextA
InsertMenuItemA
GetKeyboardLayoutNameA
DispatchMessageW
DestroyMenu
SetActiveWindow
LoadStringA
UnhookWindowsHookEx
InvalidateRect
TrackPopupMenu
GetWindowPlacement
ClientToScreen
DeleteMenu
GetDlgItem
IsWindowVisible
KillTimer
BeginPaint
DispatchMessageA
EnumThreadWindows
CallWindowProcA
ole32
StgCreateDocfileOnILockBytes
StgOpenStorage
OleRun
version
GetFileVersionInfoSizeA
VerFindFileA
VerQueryValueA
oleaut32
SysFreeString
RegisterTypeLib
SafeArrayGetElement
OleLoadPicture
SysAllocStringLen
SysStringLen
SafeArrayUnaccessData
VariantChangeType
msvcrt
strcmp
wcscspn
strlen
malloc
fabs
abs
memmove
wcsncmp
tan
gdi32
CopyEnhMetaFileA
BitBlt
CreateFontIndirectA
CreatePalette
CreatePenIndirect
Sections
CODE Size: 29KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1024B - Virtual size: 603B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 65KB - Virtual size: 65KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE