0d13c671920e31941214aa9c77095400_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0d13c671920e31941214aa9c77095400_JaffaCakes118
Size

505KB
MD5

0d13c671920e31941214aa9c77095400
SHA1

2022a9e00ee50abe6108269b5e1511aa7cc7f7e4
SHA256

1e347703dbfcbfdbdc37ac77bd58009e010f697dcf7f81495bb8f69cf9d4f572
SHA512

47bbdb8e7540c8a44ebf6e32b203e3676da790f43671ed99e295722de172cf94b52d7402b577b712aa6783b0e67f02fa3ff9af853efe168a21c588e04f2dee15
SSDEEP

12288:1xPS/qCQePZetbQGAbVAJ3yZGue3L6n9f+:1ZS/qCQ/QbVAJzJ3LG9m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d13c671920e31941214aa9c77095400_JaffaCakes118

Files

0d13c671920e31941214aa9c77095400_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0c9ce562e3320f9754c68d02710e8233

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\eggzlzec\cle\apoltrnfew.pdb

Imports

user32

MessageBoxW
ShowWindow
CreateWindowExA
GetPropA
RegisterClassExA
ChangeDisplaySettingsA
RegisterClassA

comctl32

CreatePropertySheetPageW
CreatePropertySheetPage
InitCommonControlsEx
ImageList_GetDragImage
CreateUpDownControl
ImageList_LoadImageA
CreateStatusWindow
ImageList_SetFlags
CreateStatusWindowW
ImageList_DragShowNolock
ImageList_LoadImageW
ImageList_LoadImage
CreatePropertySheetPageA
ImageList_GetFlags
MakeDragList
ImageList_GetBkColor
ImageList_DragLeave
ImageList_GetImageInfo
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Merge

kernel32

MultiByteToWideChar
VirtualAlloc
SetStdHandle
GetModuleFileNameA
OpenSemaphoreW
HeapSize
SetUnhandledExceptionFilter
MapViewOfFile
GetCommandLineA
GetProfileStringA
HeapFree
GetProcessHeap
GetConsoleMode
GetCurrentThread
HeapReAlloc
UnhandledExceptionFilter
LockFileEx
GetModuleFileNameW
GetLocaleInfoW
GetTimeFormatA
GetCPInfo
TlsGetValue
GetStartupInfoW
DeleteCriticalSection
InterlockedDecrement
SetConsoleCtrlHandler
GetLastError
GetOEMCP
GetStringTypeW
LCMapStringA
CreateFileA
GetCurrentProcessId
SetFilePointer
FreeLibrary
RtlUnwind
FreeEnvironmentStringsA
GetTickCount
InitializeCriticalSection
GetModuleHandleA
EnterCriticalSection
CompareStringA
GetFileType
Sleep
TlsFree
GetCompressedFileSizeA
SetHandleCount
GetSystemTimeAsFileTime
ExitProcess
GetCommandLineW
LCMapStringW
WriteConsoleW
GetEnvironmentStringsW
HeapDestroy
FlushFileBuffers
LocalCompact
GetStartupInfoA
HeapAlloc
GlobalUnlock
HeapCreate
GetConsoleOutputCP
GetDateFormatA
GetThreadContext
GetACP
SetLastError
SetEnvironmentVariableA
GetUserDefaultLCID
OpenMutexA
FreeEnvironmentStringsW
GetStdHandle
InterlockedExchange
WriteConsoleA
GetTimeZoneInformation
GetProcAddress
GetSystemInfo
WriteFile
TlsAlloc
GetStringTypeA
IsValidLocale
CloseHandle
GetCurrentProcess
TerminateProcess
LeaveCriticalSection
VirtualQuery
GetCurrentThreadId
QueryPerformanceCounter
CompareStringW
lstrcmpW
EnumSystemLocalesA
CreateMutexA
InterlockedIncrement
LoadResource
GetVersionExA
ReadFile
TlsSetValue
IsDebuggerPresent
GetLocaleInfoA
RtlMoveMemory
GetConsoleCP
IsValidCodePage
GetEnvironmentStrings
VirtualFree
SetConsoleWindowInfo
WideCharToMultiByte
LoadLibraryA

Sections

.text
Size: 334KB - Virtual size: 333KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c9ce562e3320f9754c68d02710e8233

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

kernel32

Sections

.text Size: 334KB - Virtual size: 333KB

.rdata Size: 37KB - Virtual size: 44KB

.data Size: 115KB - Virtual size: 114KB

.rsrc Size: 17KB - Virtual size: 17KB

.text
Size: 334KB - Virtual size: 333KB

.rdata
Size: 37KB - Virtual size: 44KB

.data
Size: 115KB - Virtual size: 114KB

.rsrc
Size: 17KB - Virtual size: 17KB