Static task
static1
Behavioral task
behavioral1
Sample
0c4c0e544d97baec68b73a3fdf945c6e_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0c4c0e544d97baec68b73a3fdf945c6e_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
0c4c0e544d97baec68b73a3fdf945c6e_JaffaCakes118
Size
98KB
MD5
0c4c0e544d97baec68b73a3fdf945c6e
SHA1
b52d09a1b3ef998972b5d7c8a616a204a17ec091
SHA256
c595a1ed3666923499979dde82d54299314d18ce81d08d1d22e793c753df8137
SHA512
c7852235acf57680024e9e25498d0ae9544c2ba8500d8d83494eca3249e6abf019759169007e8e4e68f56a7793bce7cde0125d8930a3f2388cafba7e8056cb1c
SSDEEP
3072:LKiT3kdi/GwepjmGvEZu5DoUd3ULYJF/kWG4cg2jp0e:LFT3kk/bKvvzNd3fm9Uy0e
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0c4c0e544d97baec68b73a3fdf945c6e_JaffaCakes118
Files
0c4c0e544d97baec68b73a3fdf945c6e_JaffaCakes118.exe windows:4 windows x86 arch:x86
009983f88e22b69cf47b6c67c7be74fb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
oleacc
CreateStdAccessibleObject
user32
MessageBoxW
SetDlgItemTextW
SetWindowPos
SetWindowLongW
LoadBitmapW
DestroyWindow
GetWindowLongW
SendMessageW
EndPaint
ReleaseDC
GetDlgItem
LoadIconW
BeginPaint
LoadStringW
GetWindowDC
GetParent
PostMessageW
DefWindowProcW
ole32
CoCreateInstance
CoUninitialize
CoInitialize
gdi32
DeleteObject
CreateSolidBrush
CreateFontIndirectW
GetObjectW
GetDeviceCaps
SetBkColor
SetBkMode
shell32
ShellExecuteW
SHBrowseForFolderW
SHGetSpecialFolderPathW
SHGetPathFromIDListW
kernel32
SetUnhandledExceptionFilter
SetLastError
GetModuleHandleA
CancelWaitableTimer
RtlUnwind
ReadFile
GetCurrentProcess
HeapDestroy
GetCurrentThreadId
GetFileType
VirtualFree
GetCommandLineA
GetProcessVersion
UnhandledExceptionFilter
HeapFree
HeapCreate
GetStdHandle
GetVersionExA
GetEnvironmentStringsW
GetCPInfo
RaiseException
TlsFree
GetProcessHeap
GetACP
GetTickCount
ExitProcess
FreeEnvironmentStringsA
SetHandleCount
FreeEnvironmentStringsW
GetEnvironmentStrings
GetModuleFileNameA
QueryPerformanceCounter
GetFileAttributesW
TerminateProcess
GetOEMCP
InterlockedIncrement
GetStartupInfoA
LoadLibraryW
TlsGetValue
HeapAlloc
ExitProcess
TlsAlloc
TlsSetValue
DeleteCriticalSection
IsDebuggerPresent
IsValidCodePage
WideCharToMultiByte
crypt32
CryptMsgClose
CertGetNameStringW
CryptQueryObject
CertFreeCertificateContext
CryptDecodeObject
CertEnumSystemStoreLocation
CryptMsgGetParam
CertFindCertificateInStore
CertCloseStore
Sections
.text Size: 60KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 33KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ