0b5996340d4ff9c7d027e273b23b741b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0b5996340d4ff9c7d027e273b23b741b_JaffaCakes118
Size

332KB
MD5

0b5996340d4ff9c7d027e273b23b741b
SHA1

bdc5469832c29922f53f8a5393afcf9faae94882
SHA256

c2a18cedba17e072e09f04e72a356222d84cb10a58d2dd4d2bd1106460f87309
SHA512

9e55f6f41241037829c0c246412d41a2a65ece572450b97073a8db333118688983997b4d2dc2f4acdca1ae396af119fa70e7790410babeef54b4e95fb6b0c74f
SSDEEP

6144:AyM+iSBi/XrChCkZ8YKcaPQYEBbQ8I2tpO/fU3NrhKf5AwG9rrXEC1m55eNSGXq4:D7Bieh5uRcOQp68xtOG9rV1IgN01b1K1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b5996340d4ff9c7d027e273b23b741b_JaffaCakes118

Files

0b5996340d4ff9c7d027e273b23b741b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2cf56dfcf31a992163f5919632922f67

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MoveWindow
CreateWindowExA
GetWindowThreadProcessId
ChildWindowFromPointEx
GetTopWindow
AdjustWindowRectEx
IsWindowVisible
GetWindowRect
GetNextDlgGroupItem
CascadeWindows
LookupIconIdFromDirectory

oledlg

ord5
ord10
ord11
ord12
ord9
ord7
ord8
ord4
ord6
ord2
ord3
ord1

gdi32

Arc
AddFontResourceA
Ellipse
CreateDCW
GdiGetBatchLimit
AngleArc
CombineRgn
ExtCreateRegion
DeleteEnhMetaFile
GetAspectRatioFilterEx
CreateDiscardableBitmap
CancelDC
DeleteObject
FillRgn

advapi32

RegSetValueExA
BackupEventLogW
RegUnLoadKeyA
OpenThreadToken
ClearEventLogA
RegDeleteValueA
RegFlushKey
RegOpenKeyExA
RegLoadKeyA
BackupEventLogA

kernel32

WriteProfileSectionA
GetModuleHandleA
GetProcAddress
VirtualAllocEx
OpenMutexA
SetEvent
IsValidCodePage
GetCPInfoExA
VirtualFreeEx
GlobalLock
OpenEventA
GetStartupInfoA
SetLocaleInfoA
LCMapStringA
CreateMutexA

netapi32

NetAlertRaiseEx
NetConnectionEnum
NetErrorLogClear
NetErrorLogWrite
NetGetJoinInformation
NetGetDCName
NetFileClose
NetConfigGetAll
Netbios
NetFileGetInfo
NetConfigGet

aclui

ord2
ord1

activeds

ord17
ord9
ord5
ord13
ord21
ord15
ord23
ord16
ord22
ord12
ord7
ord3
ord19
ord8

msvcrt

__p__commode
_controlfp
_except_handler3
exit
_XcptFilter
_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
_acmdln
__p__fmode
__set_app_type

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2cf56dfcf31a992163f5919632922f67

Headers

File Characteristics

Imports

user32

oledlg

gdi32

advapi32

kernel32

netapi32

aclui

activeds

msvcrt

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 313KB - Virtual size: 313KB

.data Size: 512B - Virtual size: 106KB

.tls Size: 512B - Virtual size: 4B

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 313KB - Virtual size: 313KB

.data
Size: 512B - Virtual size: 106KB

.tls
Size: 512B - Virtual size: 4B

.rsrc
Size: 6KB - Virtual size: 5KB