0dea802e16a5bd08edf5a01d9b724017_JaffaCakes118

General

Target

0dea802e16a5bd08edf5a01d9b724017_JaffaCakes118
Size

128KB
MD5

0dea802e16a5bd08edf5a01d9b724017
SHA1

6be0a21a50c2d0926f7d4ef1211f30839f51e8be
SHA256

0a9a3bd3c7971f2790533f20667c757b1b3783377194b00feeb1bc33d3ed6327
SHA512

3c4b73f3e8f77e272000aa54257ccf30572203cf3c75463b2955f81a1bb3f78b9f65db01b55b1146755165841eaa337e6f3eb3b8c9accc55b03c0cdfbda84758
SSDEEP

3072:Ys7JOHK9sHHe/Cvt/5qW9axjQMIdfS8a:Sq9iYbxLI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0dea802e16a5bd08edf5a01d9b724017_JaffaCakes118

Files

0dea802e16a5bd08edf5a01d9b724017_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8a830691b313d9951517ee4cbfcdbfa5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
HeapAlloc
DeleteFileA
GetProcessHeap
GetLocaleInfoA
lstrcatA
SetThreadLocale
GetLastError
GetFileSize
RaiseException
LocalReAlloc
ExitProcess
GetLocalTime
GetFileAttributesA
SetEndOfFile
MoveFileExA
GetFileType
HeapFree
SetLastError
GetThreadLocale
EnterCriticalSection
GetCPInfo
ExitThread
GetDiskFreeSpaceA
GetModuleHandleA
GetStringTypeA
CompareStringA
MulDiv
VirtualFree
GetACP
GetEnvironmentStrings
VirtualAllocEx
WideCharToMultiByte
lstrcpyA
FormatMessageA
LoadLibraryExA
CreateFileA
GetModuleFileNameA
GetFullPathNameA
SetErrorMode
LoadResource
CreateEventA
FreeResource
lstrcmpiA
LocalAlloc
CloseHandle
Sleep
lstrcmpA
GetProcAddress
GetOEMCP
SetHandleCount
ResetEvent
VirtualAlloc
GlobalFindAtomA
GlobalAlloc
GetVersionExA
GetTickCount
LoadLibraryA

user32

GetActiveWindow
PostQuitMessage
GetFocus
IsWindowEnabled
GetCursor
DefFrameProcA
SetMenuItemInfoA
GetWindow
BeginPaint
EqualRect
ShowWindow
GetTopWindow
CreatePopupMenu
DeleteMenu
IsIconic
GetScrollInfo

gdi32

BitBlt
SetPixel
SetBkColor
CreateFontIndirectA
CreatePalette
CreatePenIndirect
GetRgnBox
GetObjectA

comctl32

ImageList_GetBkColor
ImageList_Remove
ImageList_Create
ImageList_Draw
ImageList_Write
ImageList_DrawEx

Sections

CODE
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a830691b313d9951517ee4cbfcdbfa5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comctl32

Sections

CODE Size: 33KB - Virtual size: 32KB

.rdata Size: 81KB - Virtual size: 80KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 10KB - Virtual size: 10KB

CODE
Size: 33KB - Virtual size: 32KB

.rdata
Size: 81KB - Virtual size: 80KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 10KB - Virtual size: 10KB