0c726617f796a991077bbb72faa28c61_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0c726617f796a991077bbb72faa28c61_JaffaCakes118
Size

192KB
MD5

0c726617f796a991077bbb72faa28c61
SHA1

da28e530c6aef0449bb28cbf1407f14cf52fcf6e
SHA256

a240ac2629f86f8ef8ae25639aa9a1f38473ca75958c55802e43b23c7574c3b8
SHA512

60f7b71863116d000ad521f4214f854bcb643f62ad497143070d29b7871c3efcad6c4df782fabccda03404c855d0cfc68053c3f2535cc71371f1c6eb9d54fc86
SSDEEP

3072:SSDA9TNM2PEakZrGshz7BKLebz2AW/sMrT5lky686da:S0sTNM2PK3WLbsEc86

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c726617f796a991077bbb72faa28c61_JaffaCakes118

Files

0c726617f796a991077bbb72faa28c61_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d26567df0e1c690e66fc31d6e43fd8a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClassInfoExW
SetPropW
GetClassLongW
GetNextDlgGroupItem
CopyAcceleratorTableW
CharNextW
CreateWindowExW
WinHelpW
SendDlgItemMessageA
IsRectEmpty
CharUpperW
MessageBeep
RegisterWindowMessageW
SetRect
RemovePropW
InvalidateRect
GetPropW
GetNextDlgTabItem
InvalidateRgn
DestroyMenu

gdi32

ScaleWindowExtEx
GetBkColor
ScaleViewportExtEx
OffsetViewportOrgEx
GetStockObject
SetViewportOrgEx
SelectObject
RectVisible
GetDeviceCaps
GetTextColor
SetWindowExtEx
TextOutW
ExtSelectClipRgn
ExtTextOutW
DeleteDC
PtVisible
GetMapMode
Escape
GetRgnBox

kernel32

MoveFileW
LocalFileTimeToFileTime
GetCalendarInfoW
WideCharToMultiByte
ReadFile
LoadLibraryW
MultiByteToWideChar
DeleteFileW
GetThreadContext
ConvertDefaultLocale
GetCurrentDirectoryW
WriteFile
lstrcpyW
SetFilePointer
EnumResourceLanguagesW
GetCurrentProcessId
SetFileTime
CreateFileW
SystemTimeToFileTime
EnumResourceNamesA
InterlockedDecrement
GetFileAttributesW
ExitProcess
GetModuleFileNameW
GetSystemDefaultLangID
RemoveDirectoryW
CreateDirectoryW
FindNextFileW
GetLocaleInfoW
FindFirstFileW
GetVersion
FindClose
GetProcAddress

oleacc

LresultFromObject
CreateStdAccessibleObject

shlwapi

PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathFindExtensionW
PathFileExistsW
PathRemoveFileSpecW
PathAppendW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

ole32

CoTaskMemAlloc
OleIsCurrentClipboard
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleUninitialize
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoGetClassObject
CoInitialize
StgCreateDocfileOnILockBytes
CoTaskMemFree
CLSIDFromProgID
CoCreateInstance
OleInitialize
OleFlushClipboard
CoUninitialize
CoRevokeClassObject
CLSIDFromString

advapi32

RegDeleteKeyW
RegOpenKeyExW
RegQueryValueW
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegCreateKeyExW
RegQueryInfoKeyW
RegEnumKeyW
RegOpenKeyW
RegQueryValueExW

Sections

.text
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d26567df0e1c690e66fc31d6e43fd8a3

Headers

File Characteristics

Imports

user32

gdi32

kernel32

oleacc

shlwapi

shell32

ole32

advapi32

Sections

.text Size: 111KB - Virtual size: 110KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 75KB - Virtual size: 75KB

.edata Size: 1024B - Virtual size: 116KB

.text
Size: 111KB - Virtual size: 110KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 75KB - Virtual size: 75KB

.edata
Size: 1024B - Virtual size: 116KB