0c242e7aeedf36e7ad20612a3917d38c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0c242e7aeedf36e7ad20612a3917d38c_JaffaCakes118
Size

160KB
MD5

0c242e7aeedf36e7ad20612a3917d38c
SHA1

5887165fad9cd647aa12e3558e384a8b2f3fa822
SHA256

a92fad588a66e1a4dff1da69f1315ea64e75d07b3ae8fda83367073d5837db8a
SHA512

4f971e705b2b889f303ba29659e1429f95995f78a3b0767bd18fb24c2292b05cfdf489597d28a2cfb3c6af71c452a7b95de94d5571b84d6067d6ad0c7ef0a173
SSDEEP

3072:vX5gVNcGwoXQRY/Ua3IIhpckGU5ugpWITY5TwnjxE2woy8PSwnE:vX7GBQR0Ua3IIXGkZPk6lqw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c242e7aeedf36e7ad20612a3917d38c_JaffaCakes118

Files

0c242e7aeedf36e7ad20612a3917d38c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

991b93a4cad5fbf5f2fbbdb2215891f8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__set_app_type
_ftol
malloc
_initterm
exit
memmove
_adjust_fdiv
_vsnwprintf
__getmainargs
??2@YAPAXI@Z
__p__commode
mbstowcs
atoi
free
_purecall
??3@YAXPAX@Z

msacm32

acmGetVersion
acmStreamUnprepareHeader
acmStreamPrepareHeader
acmMetrics
acmStreamClose
acmFormatTagDetailsW
acmStreamOpen
acmStreamConvert
acmStreamSize
acmFormatSuggest
acmFormatDetailsW
acmFormatChooseW

winmm

mmioClose
mmioRead
mmioOpenW
mmioSeek
mmioWrite

user32

DialogBoxParamW
CharPrevW
EndDialog
PeekMessageW
SetDlgItemInt
SetDlgItemTextW
MessageBoxW
ReleaseDC
SetRectEmpty
SendMessageW
GetDC
IsRectEmpty
CheckDlgButton
wsprintfW
LoadStringW
MessageBeep
GetDlgItem
IsDlgButtonChecked
DestroyWindow
EnableWindow
TranslateMessage
SendDlgItemMessageW
SetRect

kernel32

GetSystemTimeAsFileTime
lstrcpyA
WideCharToMultiByte
GlobalAlloc
GetFullPathNameW
LocalAlloc
LoadLibraryW
CloseHandle
GetLastError
IsBadReadPtr
CreateFileW
ResetEvent
WriteFile
LocalFree
GlobalReAlloc
GetLocaleInfoA
LeaveCriticalSection
lstrcmpW
lstrlenA
GlobalUnlock
GetOverlappedResult
SetUnhandledExceptionFilter
InitializeCriticalSection
lstrcatA
DeleteCriticalSection
lstrcpynW
MultiByteToWideChar
GlobalSize
GetDiskFreeSpaceW
MulDiv
QueryPerformanceCounter
GetModuleHandleA
EnterCriticalSection
GlobalFree
lstrcpyW
GetFileSize
ReadFile
GetCurrentProcessId
GetTickCount
SetErrorMode

msvfw32

ICCompressorFree
ICDecompress
ICCompress
ICClose
ICOpen
ICGetDisplayFormat
ICSendMessage
ICCompressorChoose
ICGetInfo

advapi32

RegOpenKeyA
RegQueryValueExA
RegOpenKeyW
RegCloseKey
RegQueryValueW
RegEnumKeyW

ole32

CoGetMarshalSizeMax
CoMarshalInterface
OleGetClipboard
CoUnmarshalInterface
CoGetMalloc
ReleaseStgMedium
OleFlushClipboard
CoCreateInstance
CreateStreamOnHGlobal
OleUninitialize
OleInitialize
OleSetClipboard

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

991b93a4cad5fbf5f2fbbdb2215891f8

Headers

File Characteristics

Imports

msvcrt

msacm32

winmm

user32

kernel32

msvfw32

advapi32

ole32

Sections

.text Size: 109KB - Virtual size: 109KB

.idata Size: 20KB - Virtual size: 19KB

.idata Size: 6KB - Virtual size: 6KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 109KB - Virtual size: 109KB

.idata
Size: 20KB - Virtual size: 19KB

.idata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 23KB - Virtual size: 23KB