0c5d09c04ddcd529e9db0455c7902e0f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0c5d09c04ddcd529e9db0455c7902e0f_JaffaCakes118
Size

171KB
MD5

0c5d09c04ddcd529e9db0455c7902e0f
SHA1

7c537d206e1c9495d08c6d1228c0680d911012cf
SHA256

6e3fbec00f2435339f28f250ce833905e6d55545973b223289f71745c33c5125
SHA512

56cf5c6e648a0dcfabc7954e6ae425de5ca131f0476ee584cbca71ac6cffc8d23b00961629082603880ec6f3024984aa88474b887ad73b823c4aa16ec8dc0a0c
SSDEEP

3072:SCene5q+W/2OMFEv7xMVZBV/mE5t72sgkvj0I+FvPzMxn0fN2Y5xewp5a9SK:SCeiq+DOMFEt07mm72sgkvgX4xyN5x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c5d09c04ddcd529e9db0455c7902e0f_JaffaCakes118

Files

0c5d09c04ddcd529e9db0455c7902e0f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

69db446311d6ded99a65060008607a76

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EmptyClipboard
CloseClipboard
MapVirtualKeyA
IsWindowUnicode
GetScrollPos
CharNextA
IsChild

version

VerInstallFileA
GetFileVersionInfoSizeA
VerFindFileA
GetFileVersionInfoA
VerQueryValueA

oleaut32

SafeArrayGetElement
SafeArrayPtrOfIndex
GetErrorInfo
SafeArrayGetUBound
VariantChangeType
SysReAllocStringLen
SysAllocStringLen
SafeArrayUnaccessData
VariantCopyInd
OleLoadPicture
SafeArrayCreate
SysFreeString
RegisterTypeLib
GetErrorInfo
VariantChangeType
SysStringLen

shlwapi

SHDeleteKeyA
SHDeleteValueA
PathIsDirectoryA
SHQueryInfoKeyA
PathFileExistsA
SHStrDupA
SHGetValueA
PathGetCharTypeA
PathIsContentTypeA
SHEnumValueA
SHGetValueA
SHQueryInfoKeyA
SHEnumValueA
PathGetCharTypeA
SHStrDupA
SHDeleteKeyA
PathIsDirectoryA
SHGetValueA
SHQueryValueExA
SHQueryInfoKeyA
SHEnumValueA
PathFileExistsA
SHSetValueA
PathGetCharTypeA
SHStrDupA
PathIsDirectoryA

gdi32

GetClipBox
SelectObject
SelectPalette
LineTo
GetClipBox
SelectObject
SetPixel
GetCurrentPositionEx

advapi32

RegCreateKeyA
RegLoadKeyA
RegDeleteKeyA

msvcrt

memcpy
wcscspn
rand
swprintf
strlen

kernel32

GlobalAlloc
GetProcAddress
LoadLibraryA
VirtualAlloc
GetCommandLineW
ExitProcess
GetLastError
GetVersionExA
ExitThread
LoadLibraryExA
GetModuleHandleW
GetModuleHandleA
lstrlenA
IsBadReadPtr

shell32

SHGetFolderPathA
DragQueryFileA

ole32

CoTaskMemFree
CoUnmarshalInterface
OleRun
CLSIDFromString
CoFreeUnusedLibraries

comdlg32

GetSaveFileNameA
ChooseColorA
GetOpenFileNameA
GetFileTitleA

comctl32

ImageList_Add
ImageList_Destroy
ImageList_Create
ImageList_Draw
ImageList_DrawEx
ImageList_Write
ImageList_Read
ImageList_GetBkColor
ImageList_Remove
ImageList_DragShowNolock

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 779B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data1
Size: 1KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data6
Size: 1024B - Virtual size: 541B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data2
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data8
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69db446311d6ded99a65060008607a76

Headers

File Characteristics

Imports

user32

version

oleaut32

shlwapi

gdi32

advapi32

msvcrt

kernel32

shell32

ole32

comdlg32

comctl32

Sections

.text Size: 42KB - Virtual size: 42KB

.data Size: 1024B - Virtual size: 779B

.data1 Size: 1KB - Virtual size: 69KB

.data6 Size: 1024B - Virtual size: 541B

.data2 Size: 117KB - Virtual size: 117KB

.data8 Size: 5KB - Virtual size: 5KB

.rsrc Size: 1024B - Virtual size: 996B

.text
Size: 42KB - Virtual size: 42KB

.data
Size: 1024B - Virtual size: 779B

.data1
Size: 1KB - Virtual size: 69KB

.data6
Size: 1024B - Virtual size: 541B

.data2
Size: 117KB - Virtual size: 117KB

.data8
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 1024B - Virtual size: 996B