0d21232cbdb26f37f4b1b648c418b9e6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0d21232cbdb26f37f4b1b648c418b9e6_JaffaCakes118
Size

71KB
MD5

0d21232cbdb26f37f4b1b648c418b9e6
SHA1

2683340dc64a551f94296c4df78eee531bd75e83
SHA256

77b892765ad2c445b4cadae644b7e47bfb2cb36c088cfa1a91a95a64a498612a
SHA512

dbd63fd52b517b02cb7fde6d53db907fa10b1b8fcf872c6715311cc4895099aa6499e073f810c632cdb09077d2d28a4c46eb3e9985ebefde66daca448e9c889c
SSDEEP

768:zQOTyPrz7Zf25lOWEw+qq8ORJdkoFlccu7O2zjMOMC37aQ9sWalkujh/R9utSqMP:zQOCc5w2+uq2zjMOMCmRTF6CELc5r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d21232cbdb26f37f4b1b648c418b9e6_JaffaCakes118

Files

0d21232cbdb26f37f4b1b648c418b9e6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

db31659939686b6053b96f389e7c9643

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
_wcsnicmp
wcsncmp
wcsncpy
wcslen
wcscpy
wcscat
wcscmp
fclose
fabs
ceil
malloc
floor
free
memcpy
_vsnwprintf

kernel32

GetModuleHandleW
HeapCreate
HeapDestroy
ExitProcess
HeapFree
HeapAlloc
GetCurrentProcessId
GetCurrentThreadId
InitializeCriticalSection
HeapReAlloc
EnterCriticalSection
LeaveCriticalSection
SetLastError
TlsAlloc
LoadLibraryW
GetProcAddress
FreeLibrary
GetVersionExW
FindClose
FindFirstFileW
GetLastError
FindNextFileW
GetCurrentDirectoryW
WriteFile
CloseHandle
CreateFileW
ReadFile
MultiByteToWideChar
SetFilePointer
WideCharToMultiByte

comctl32

InitCommonControls
InitCommonControlsEx

user32

GetSystemMetrics
CharLowerW
MessageBoxW
GetForegroundWindow
GetWindowThreadProcessId
IsWindowVisible
IsWindowEnabled
EnableWindow
EnumWindows
DestroyWindow
SendMessageW
GetWindowLongW
SetWindowTextW
CreateWindowExW
GetWindow
SetWindowLongW
GetWindowRect
GetSysColor
GetSysColorBrush
GetScrollPos
GetClientRect
MoveWindow
SetScrollInfo
SetScrollPos
RedrawWindow
GetScrollRange
CallWindowProcW
FillRect
DefWindowProcW
GetParent
SetFocus
LoadCursorW
RegisterClassExW
GetWindowTextLengthW
GetWindowTextW
PostMessageW
MapWindowPoints
InvalidateRect
RemovePropW
SetPropW
GetPropW
SetActiveWindow
UnregisterClassW
DestroyAcceleratorTable
LoadIconW
RegisterClassW
AdjustWindowRectEx
GetActiveWindow
ShowWindow
CreateAcceleratorTableW
PeekMessageW
MsgWaitForMultipleObjects
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
EnumChildWindows
DefFrameProcW
SetCursorPos
LoadImageW
SetCursor
SystemParametersInfoW
GetKeyState
SetCapture
GetCursorPos
ReleaseCapture
GetFocus
IsChild
GetClassNameW
DestroyIcon

gdi32

GetStockObject
SetBkColor
SetTextColor
CreateSolidBrush
DeleteObject
GetObjectType
GetObjectW
CreateCompatibleDC
GetDIBits
DeleteDC
CreateDIBSection
SelectObject
BitBlt
CreateBitmap
SetPixel

comdlg32

GetSaveFileNameW
GetOpenFileNameW

ole32

CoInitialize
RevokeDragDrop

Sections

.code
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 668B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db31659939686b6053b96f389e7c9643

Headers

File Characteristics

Imports

msvcrt

kernel32

comctl32

user32

gdi32

comdlg32

ole32

Sections

.code Size: 7KB - Virtual size: 7KB

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 1024B - Virtual size: 668B

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 32KB - Virtual size: 31KB

.code
Size: 7KB - Virtual size: 7KB

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 1024B - Virtual size: 668B

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 32KB - Virtual size: 31KB