0bb37d4a46e08416a8612768ccc6e117_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0bb37d4a46e08416a8612768ccc6e117_JaffaCakes118
Size

88KB
MD5

0bb37d4a46e08416a8612768ccc6e117
SHA1

3a5b5fa944662a1870ceb38f5c1d16415a876080
SHA256

6791701841ee5b8caafe77ef8193b33e3f64c79f04ad06ca4a8aa1b7a5d811bc
SHA512

1119cbdd6d80ef7d57d345cf42e1bf8791852d410cf437aa0239cf917210d548e6ba0a0caa8a324f3f86eee1bb465b00606ed2ea96ba351d32e0d1cd2d3201dc
SSDEEP

1536:d4tDcbNTmEsboau4YC8y/anhpccLcb5y419VTf9iL42LSemK1PV/ozT1eoMPCCtx:d43Ewu4YCj/ahpccgb5ya98ZSemSIMPF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bb37d4a46e08416a8612768ccc6e117_JaffaCakes118

Files

0bb37d4a46e08416a8612768ccc6e117_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6341f27e0be410bfe377d30ac1cb0fc2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassA
IsDialogMessageA
GetLastActivePopup
ClientToScreen
CreateIcon
HideCaret
GetKeyState
GetClassInfoA
GetDesktopWindow
GetDC
GetFocus
CharToOemA
GetScrollPos
EnumThreadWindows
GetSubMenu
CheckMenuItem
GetActiveWindow
GetParent
DispatchMessageA
GetMenuItemCount
GetMenuItemInfoA
GetWindow
CharLowerA
DrawFrameControl
ShowWindow
DefWindowProcA

comdlg32

FindTextA
GetFileTitleA

ole32

CoCreateInstanceEx

ntdll

wcscat
atol
_wcsnicmp
RtlDeleteCriticalSection

comctl32

ImageList_DrawEx
ImageList_Write
ImageList_Remove

msvcrt

srand
sqrt
clock
wcstol
memset
memmove
mbstowcs
strlen
wcsncmp
exit
sprintf
wcschr
malloc
calloc
tolower
swprintf
time
atol

shlwapi

PathIsDirectoryA
SHStrDupA
PathIsContentTypeA
SHDeleteKeyA

oleaut32

OleLoadPicture

gdi32

GetRgnBox
GetDIBits
CreateCompatibleBitmap
GetPaletteEntries
SetPixel

kernel32

GetModuleFileNameA
FindResourceA
GetLocalTime
GetCPInfo
GetStdHandle
Sleep
LoadLibraryA
lstrcmpiA
ExitThread
CreateEventA
VirtualAlloc
HeapDestroy
lstrcpynA
lstrlenA
FindClose
GetCurrentThread
GetUserDefaultLCID
FormatMessageA
SetErrorMode
LoadResource
GlobalFindAtomA
LocalFree
GetSystemDefaultLangID
LoadLibraryExA
VirtualQuery
RaiseException
SetHandleCount
LocalReAlloc
SizeofResource
GetStartupInfoA
GetModuleHandleA
CreateThread
MoveFileExA
CloseHandle
WideCharToMultiByte
HeapFree
GetProcessHeap
GetStringTypeW
lstrcpyA
GetFullPathNameA
GetCurrentProcessId
GlobalDeleteAtom
GetStringTypeA
GetFileType
LocalAlloc
GetEnvironmentStrings
GetCurrentThreadId
GetDateFormatA
GetACP
GetVersionExA
GetTickCount
SetLastError
GetLocaleInfoA
VirtualFree
WriteFile

shell32

SHFileOperationA
SHGetDesktopFolder
DragQueryFileA
SHGetDiskFreeSpaceA
Shell_NotifyIconA

version

VerInstallFileA
GetFileVersionInfoSizeA

advapi32

RegCreateKeyA

Sections

.CODE
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.init
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 571B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6341f27e0be410bfe377d30ac1cb0fc2

Headers

File Characteristics

Imports

user32

comdlg32

ole32

ntdll

comctl32

msvcrt

shlwapi

oleaut32

gdi32

kernel32

shell32

version

advapi32

Sections

.CODE Size: 29KB - Virtual size: 29KB

INIT Size: 50KB - Virtual size: 50KB

.data Size: 5KB - Virtual size: 4KB

.init Size: 1KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 571B

.CODE
Size: 29KB - Virtual size: 29KB

INIT
Size: 50KB - Virtual size: 50KB

.data
Size: 5KB - Virtual size: 4KB

.init
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 571B