0d6ad01732ea91bcabfb9d0f212f592b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0d6ad01732ea91bcabfb9d0f212f592b_JaffaCakes118
Size

140KB
MD5

0d6ad01732ea91bcabfb9d0f212f592b
SHA1

e673c237910334cf090eee96bef58fee3995b2e2
SHA256

d7c31ab530f2db2c9de6174146e238611eee91954c1b3cc2606ffdf2cc4791e7
SHA512

8804c11a10c4c6e7fe65bc09902f4848afbbc35427080aa610ad20241766c53b6b8ca1b21643e18f25c11cd3693f67795505f776ae3985151fa604a47a2d3fc3
SSDEEP

3072:05D5tW9WLYTkpD9tO6VYSoCKPYmvNvvgjBBYT36+eB8KcZguWs32QQLBEC:G3W9UD9tO6VkCKPHNnyBH+9Bg3Afq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d6ad01732ea91bcabfb9d0f212f592b_JaffaCakes118

Files

0d6ad01732ea91bcabfb9d0f212f592b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

83970cd9fb02661ed30488491bf67979

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetBkColor
DeleteObject
GetObjectW
CreateFontIndirectW
CreateSolidBrush
GetDeviceCaps
SetBkMode

crypt32

CertFreeCertificateContext
CertEnumSystemStoreLocation
CryptQueryObject
CryptDecodeObject
CryptMsgGetParam
CertGetNameStringW
CryptMsgClose
CertFindCertificateInStore
CertCloseStore

oleacc

CreateStdAccessibleObject

user32

LoadIconW
SetWindowLongW
SendMessageW
SetDlgItemTextW
LoadBitmapW
GetDlgItem
BeginPaint
SetWindowPos
LoadStringW
MessageBoxW
DestroyWindow
EndPaint
PostMessageW
ReleaseDC
GetParent
GetWindowDC
GetWindowLongW
DefWindowProcW

ole32

CoUninitialize
CoCreateInstance
CoInitialize

shell32

ShellExecuteW
SHBrowseForFolderW
SHGetSpecialFolderPathW
SHGetPathFromIDListW

kernel32

TlsFree
UnhandledExceptionFilter
TlsGetValue
HeapAlloc
HeapDestroy
TlsSetValue
GetStartupInfoA
GetEnvironmentStringsW
CancelWaitableTimer
InterlockedIncrement
GetFileAttributesW
FlushFileBuffers
RaiseException
GetCommandLineA
GetCurrentThreadId
OpenProcess
GetCPInfo
HeapFree
GetACP
GetTickCount
HeapCreate
GetModuleHandleA
QueryPerformanceCounter
FreeEnvironmentStringsW
VirtualFree
ReadFile
TlsAlloc
ExitProcess
IsValidCodePage
GetModuleFileNameA
GetStdHandle
GetVersionExA
GetEnvironmentStrings
SetHandleCount
SetLastError
RtlUnwind
TerminateProcess
LoadLibraryW
GetCurrentProcess
GetFileType
DeleteCriticalSection
ExitProcess
FreeEnvironmentStringsA
GetOEMCP
SetUnhandledExceptionFilter
GetProcessHeap
IsDebuggerPresent
WideCharToMultiByte

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83970cd9fb02661ed30488491bf67979

Headers

File Characteristics

Imports

gdi32

crypt32

oleacc

user32

ole32

shell32

kernel32

Sections

.text Size: 118KB - Virtual size: 118KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 17KB - Virtual size: 16KB

.rsrc Size: 1024B - Virtual size: 80KB

.text
Size: 118KB - Virtual size: 118KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 17KB - Virtual size: 16KB

.rsrc
Size: 1024B - Virtual size: 80KB