0c1d6ff4d0b38bdbe1f88c138e848dac_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0c1d6ff4d0b38bdbe1f88c138e848dac_JaffaCakes118
Size

360KB
MD5

0c1d6ff4d0b38bdbe1f88c138e848dac
SHA1

3714b284a49bafe72b2eb83ebcd5c94104936bc4
SHA256

62f05dbc2ce70883e44ba51f89b206a293bc12fd9153b06460d4f7c6a537e5cb
SHA512

2c2cb6775ad908101c94e8c3c136e7badee4c5bb14f9922c76f70595256ce443e23c7714eb18897b720ab3395e650af38b571b0aa7410e3b465897512288c70c
SSDEEP

6144:/RX2RjS8//3FXPYnkd4/hZ5TbByC76TQEGBJcd14y0g:/REB3F/UfX5fB9uTj6O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c1d6ff4d0b38bdbe1f88c138e848dac_JaffaCakes118

Files

0c1d6ff4d0b38bdbe1f88c138e848dac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

945fc0b1b4e94c92dde85ab607fdbf1e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
HeapSize
GetCPInfo
GetCommandLineW
LockResource
GetCurrentProcessId
GetEnvironmentStrings
FileTimeToLocalFileTime
RemoveDirectoryA
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
GetConsoleCP
lstrlenA
GetSystemInfo
UnmapViewOfFile
LCMapStringW
GetLastError
LeaveCriticalSection
ExitProcess
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GlobalLock
FindFirstFileW
CreateFileMappingA
CompareStringA
FindNextFileW
CompareStringW
GetProcessHeap
GetProcAddress
DeleteFileW
GetWindowsDirectoryA
DeleteFileA
CreateDirectoryA
GetFileSize
GetStartupInfoA
FreeLibrary
LoadLibraryA
FlushFileBuffers
TlsAlloc
GetTickCount
QueryPerformanceCounter
GetExitCodeProcess
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
InterlockedIncrement
GetCurrentThreadId
SetEndOfFile
GlobalAlloc
GetVersion
InterlockedDecrement
TerminateProcess
SetEnvironmentVariableA
GetCommandLineA
SetUnhandledExceptionFilter
CreateThread
GetModuleHandleA
CreateMutexA
MultiByteToWideChar
UnhandledExceptionFilter
GetPrivateProfileStringA
LoadLibraryExA
GetModuleFileNameA
GetVersionExA
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
GetEnvironmentVariableA
SetLastError
OutputDebugStringA
FormatMessageA
TlsGetValue
FindClose
LoadResource
InitializeCriticalSection
LocalFree
SetEvent
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
WriteFile
InterlockedExchange
GetStringTypeA
WideCharToMultiByte
GetTempPathA
FreeEnvironmentStringsW
SetErrorMode
CreateFileA
lstrcatA
LocalAlloc
GetLocaleInfoA
GetConsoleMode
GetStartupInfoW
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapDestroy
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
lstrlenW
GetConsoleOutputCP
GetStdHandle
RtlUnwind
InterlockedCompareExchange
GetCurrentThread
RaiseException
MapViewOfFile
TlsFree
SetFilePointer
ReadFile
FindFirstFileA
CloseHandle
GetACP
GetModuleHandleW
HeapCreate
SizeofResource
VirtualFree
WriteConsoleA
Sleep
ReleaseMutex
VirtualAlloc
GetSystemDirectoryA
GetOEMCP

gdi32

SetBkColor
CreateFontIndirectA
SetBkMode
DeleteObject
GetDeviceCaps
DeleteDC
GetStockObject
SetTextColor
CreateCompatibleDC
SelectObject
CreateSolidBrush
BitBlt

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
OpenProcessToken
RegSetValueExA
RegCloseKey

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

user32

DefWindowProcA
MoveWindow
PostQuitMessage
LoadBitmapA
SetCursor
EnableWindow
GetClientRect
SendMessageA
IsWindowVisible
PostMessageA
GetSysColor
MessageBoxA
SetForegroundWindow
GetDesktopWindow
TrackPopupMenu
LoadCursorA
ScreenToClient
GetDlgItem
CreateWindowExA
SetWindowTextA
EndDialog
SetWindowLongA
SetCapture
GetWindowRect
GetSystemMetrics
KillTimer
BeginPaint
SetFocus
EndPaint
SetTimer
GetWindowLongA
RegisterClassA
EnableMenuItem
GetWindow
TranslateMessage
PeekMessageA
ShowWindow
FillRect
UpdateWindow
GetParent
GetMessageA
DestroyWindow
ClientToScreen
ReleaseDC
GetCursorPos
SetWindowPos

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 300KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

945fc0b1b4e94c92dde85ab607fdbf1e

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

version

user32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 300KB - Virtual size: 300KB

.rsrc Size: 8KB - Virtual size: 6KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 300KB - Virtual size: 300KB

.rsrc
Size: 8KB - Virtual size: 6KB