0c78672302a602c0d6f326a17f5a0435_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0c78672302a602c0d6f326a17f5a0435_JaffaCakes118
Size

522KB
MD5

0c78672302a602c0d6f326a17f5a0435
SHA1

cd78011753047f5711eb7192439c92e146c3a26a
SHA256

dc23faa278591ad2548c518d07ebf2cb1f6750bf42a566e41ef93fe759368a39
SHA512

9448c84e74df8bbb75908e250010fc425c52782decba02359f063609895f6a0fbb1d7db7ce466f3aed01db5b9aabe11c4afb211b839b958b7089203742e464fe
SSDEEP

12288:SnJGae4ns7qr8Az5SDR4LYcCr+JNqGg4UXXogvxGVsHg:SnXRns71Az5VLYcCrmW3X4I4VsA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c78672302a602c0d6f326a17f5a0435_JaffaCakes118

Files

0c78672302a602c0d6f326a17f5a0435_JaffaCakes118
.exe windows:4 windows x86 arch:x86

85e8d474acec4ad30afe4ab5611065cd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\bttld\zoaoimz\clmxoz\eeaieeeos\rjfbse\gjwza.pdb

Imports

comctl32

InitCommonControlsEx

kernel32

RtlUnwind
EnterCriticalSection
QueryPerformanceCounter
VirtualQuery
GetCommandLineA
SetHandleCount
GetSystemTimeAsFileTime
GetCurrentProcess
GetFileType
LCMapStringA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
DeleteCriticalSection
LocalHandle
GetConsoleCP
ExitProcess
GetStdHandle
EnumResourceNamesW
SetFilePointer
GetUserDefaultLangID
InterlockedExchange
InterlockedIncrement
Sleep
SetLastError
HeapAlloc
IsValidCodePage
GetEnvironmentStrings
CreateRemoteThread
GetStringTypeW
LocalLock
FreeEnvironmentStringsA
GetDateFormatA
CloseHandle
SetUnhandledExceptionFilter
LCMapStringW
UnhandledExceptionFilter
IsDebuggerPresent
SetLocaleInfoW
FlushFileBuffers
TlsSetValue
TlsAlloc
GetUserDefaultLCID
HeapFree
HeapCreate
SetStdHandle
HeapDestroy
lstrcpyA
GetProcAddress
WideCharToMultiByte
TerminateProcess
GetModuleFileNameA
LockFileEx
OpenMutexA
GetConsoleOutputCP
GetVersionExA
GetThreadPriorityBoost
TransactNamedPipe
VirtualAlloc
SetConsoleCtrlHandler
GetLocaleInfoA
GetProfileStringW
GetCurrentProcessId
GetModuleHandleA
GetProcessHeap
GetLastError
GetStringTypeA
WriteFile
GetCurrentThreadId
CreateFileA
GetLocaleInfoW
TlsFree
GetStartupInfoA
GetCPInfo
GetCurrentThread
InterlockedDecrement
CompareStringW
HeapReAlloc
EnumSystemLocalesA
CreateWaitableTimerW
GetTickCount
MapViewOfFile
WriteConsoleA
GetACP
WriteConsoleW
GetTimeFormatA
SetEnvironmentVariableA
FreeLibrary
InitializeCriticalSection
TlsGetValue
GetTimeZoneInformation
ReadFile
CompareStringA
GetCompressedFileSizeW
WriteFileEx
GetMailslotInfo
lstrcpy
LoadLibraryA
HeapSize
FlushConsoleInputBuffer
LeaveCriticalSection
GetConsoleMode
CreateMutexA
MultiByteToWideChar
VirtualFree
GetFileAttributesA
EnumCalendarInfoExA
SetThreadIdealProcessor
IsValidLocale

user32

IsMenu
PostMessageW
GetMessagePos
FindWindowW
SendInput
CheckRadioButton
RegisterClassA
RegisterDeviceNotificationW
DdeUnaccessData
ImpersonateDdeClientWindow
SetScrollInfo
SetWindowsHookW
EnumWindowStationsA
RegisterClassExA
EnumDesktopsW
OpenDesktopA
SetWindowPos
LookupIconIdFromDirectoryEx
MapDialogRect
SetDlgItemTextA
CreateDesktopW
DdeQueryNextServer
WINNLSGetIMEHotkey
SetWindowsHookA

Sections

.text
Size: 367KB - Virtual size: 367KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85e8d474acec4ad30afe4ab5611065cd

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

Sections

.text Size: 367KB - Virtual size: 367KB

.rdata Size: 29KB - Virtual size: 49KB

.data Size: 106KB - Virtual size: 106KB

.rsrc Size: 17KB - Virtual size: 17KB

.text
Size: 367KB - Virtual size: 367KB

.rdata
Size: 29KB - Virtual size: 49KB

.data
Size: 106KB - Virtual size: 106KB

.rsrc
Size: 17KB - Virtual size: 17KB