0d5d98719ea5c724a3abbffb6b309f45_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0d5d98719ea5c724a3abbffb6b309f45_JaffaCakes118
Size

428KB
MD5

0d5d98719ea5c724a3abbffb6b309f45
SHA1

76c442e5b0d1f57eaeb5e3a6ca765cbe13605f2e
SHA256

7d8293fbac54362bb7d42c2955ec5850efa6cd9950f26b345c988d5bd219de7e
SHA512

736a34380f8c39f47596d55638d6b8ef156479a3f4d8085c55dafb677c04db27b1d1ecca8d603f62106bbfc77f952d626585a888fdd633980de5f9bcb8fce4a3
SSDEEP

6144:u0rIUsdddgbP3Ik1e6Y6LiTjHlB6B7wMDqeA//W8MpQSaey4FnWT7/:ujUsKvghTjHlG72ftSae

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d5d98719ea5c724a3abbffb6b309f45_JaffaCakes118

Files

0d5d98719ea5c724a3abbffb6b309f45_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fd776c6c0724115768fede5a403f19e6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

UrlCanonicalizeA

kernel32

lstrlenW
LocalAlloc
LocalFree
GetLocaleInfoW
GlobalFree
GetStartupInfoA
LoadLibraryA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentThreadId
MapViewOfFile
CreateFileMappingW
GetFileInformationByHandle
GlobalUnlock
LocalUnlock
GetTimeFormatW
GetDateFormatW
GetUserDefaultLCID
GetLocalTime
QueryPerformanceCounter
GetTickCount
GetHandleInformation
HeapAlloc
GetProcessHeap
HeapFree
CompareStringW
LocalLock
FoldStringW
CloseHandle
lstrcpyW
ReadFile
CreateFileW
lstrcmpiW
GetCurrentProcessId
GetProcAddress
GetCommandLineW
lstrcatW
FindClose
FindFirstFileW
GetFileAttributesW
lstrcmpW
MulDiv
lstrcpynW
LocalSize
GetLastError
WriteFile
SetLastError
WideCharToMultiByte
LocalReAlloc
FormatMessageW
GetUserDefaultUILanguage
GetCurrentProcess
MultiByteToWideChar
UnmapViewOfFile
GetACP
DeleteFileW
SetEndOfFile
GlobalLock

user32

EnableWindow
PeekMessageW
CharLowerW
SetScrollPos
UpdateWindow
RegisterWindowMessageW
PostQuitMessage
SetWindowTextW
LoadIconW
GetFocus
GetDesktopWindow
CreateWindowExW
SetWindowPlacement
LoadCursorW
LoadImageW
RegisterClassExW
GetSystemMenu
LoadAcceleratorsW
LoadStringW
CharUpperW
GetWindowPlacement
IsIconic
GetForegroundWindow
ShowWindow
MessageBeep
DestroyWindow
DefWindowProcW
GetKeyboardLayout
SetActiveWindow
DialogBoxParamW
GetDC
ReleaseDC
SetCursor
GetClientRect
DrawTextExW
CreateDialogParamW
GetWindowTextW
GetSystemMetrics
InvalidateRect
WinHelpW
GetDlgCtrlID
ChildWindowFromPoint
SetWinEventHook
GetMessageW
ScreenToClient
GetCursorPos
SendDlgItemMessageW
SendMessageW
CharNextW
PostMessageW
IsDialogMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
UnhookWinEvent
CheckMenuItem
CloseClipboard
GetParent
EndDialog
GetDlgItemTextW
wsprintfW
SetDlgItemTextW
SetFocus
GetDlgItem
GetWindowLongW
SetWindowLongW
MessageBoxW
IsClipboardFormatAvailable
OpenClipboard
GetMenuState
EnableMenuItem
GetSubMenu
GetMenu
MoveWindow

advapi32

RegSetValueExW
RegOpenKeyExA
RegQueryValueExA
IsTextUnicode
RegCreateKeyW
RegCloseKey
RegQueryValueExW

msvcrt

wcsncpy

shell32

DragQueryFileW
DragAcceptFiles
DragFinish
ShellAboutW

winmm

mmioOpenA

winspool.drv

OpenPrinterW
GetPrinterDriverW
ClosePrinter

comctl32

CreateStatusWindowW

comdlg32

GetOpenFileNameW
GetSaveFileNameW
GetFileTitleW
ChooseFontW
FindTextW
ReplaceTextW
PrintDlgExW
PageSetupDlgW
CommDlgExtendedError

gdi32

SelectObject
SetMapMode
SetViewportExtEx
SetWindowExtEx
LPtoDP
SetBkMode
GetTextMetricsW
DeleteObject
CreateFontIndirectW
GetDeviceCaps
GetObjectW
GetStockObject
EnumFontsW
StartDocW
TextOutW
GetTextFaceW
SetAbortProc
CreateDCW
GetTextExtentPoint32W
StartPage
DeleteDC
EndDoc
AbortDoc
EndPage

Exports

Exports

lnyvlblfx

Sections

.code
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 360KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd776c6c0724115768fede5a403f19e6

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

advapi32

msvcrt

shell32

winmm

winspool.drv

comctl32

comdlg32

gdi32

Exports

Exports

Sections

.code Size: 32KB - Virtual size: 29KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 360KB - Virtual size: 356KB

.rsrc Size: 4KB - Virtual size: 1B

.reloc Size: 4KB - Virtual size: 1B

.rdata Size: 4KB - Virtual size: 1B

.data Size: 4KB - Virtual size: 1B

.rsrc Size: 4KB - Virtual size: 776B

.reloc Size: 4KB - Virtual size: 1KB

.code
Size: 32KB - Virtual size: 29KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 360KB - Virtual size: 356KB

.rsrc
Size: 4KB - Virtual size: 1B

.reloc
Size: 4KB - Virtual size: 1B

.rdata
Size: 4KB - Virtual size: 1B

.data
Size: 4KB - Virtual size: 1B

.rsrc
Size: 4KB - Virtual size: 776B

.reloc
Size: 4KB - Virtual size: 1KB