0df62e8aba4fe01d91985a41b4b94066_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0df62e8aba4fe01d91985a41b4b94066_JaffaCakes118
Size

636KB
MD5

0df62e8aba4fe01d91985a41b4b94066
SHA1

245d4a352e810284b90617a730b53b2683ec240d
SHA256

c582b2eca3c25cdfea6f745f4badaf9b1c8b4a80f7c39e2e7cf6ac1c923a64f7
SHA512

de72bc0fe0b5b5e51cfa29580006cdbd14e0b4cfa16fe31d3b442a25a32408168133bd15b123e1dc5fb5a3fbb2a76e1cc55ddb23ef54d8e2fe259b1c720630f5
SSDEEP

12288:iF2UxWUyNDOF2SpiRcEyZduRYtWD76WAhSjGqdcNFTLM:GWwbiRz8MCSCLFk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0df62e8aba4fe01d91985a41b4b94066_JaffaCakes118

Files

0df62e8aba4fe01d91985a41b4b94066_JaffaCakes118
.exe windows:4 windows x86 arch:x86

350ffc955e5a2f74167c86d59d62001b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
OpenFile
lstrcpyA
DeleteCriticalSection
lstrcatA
InitializeCriticalSection
LoadLibraryA
GetProcAddress
IsDBCSLeadByte
GetCommandLineA
CreateMutexA
LoadLibraryExA
lstrcpynA
lstrcmpiA
GetModuleHandleA
ExitProcess
FlushFileBuffers
ReadFile
SetStdHandle
SetFilePointer
IsBadCodePtr
IsBadReadPtr
WriteFile
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
HeapSize
TerminateProcess
GetLocaleInfoA
GetVersion
GetStartupInfoA
RaiseException
HeapReAlloc
HeapFree
HeapAlloc
RtlUnwind
LocalFree
GetSystemDefaultLCID
CloseHandle
CreateFileA
CopyFileA
GetSystemDirectoryA
Sleep
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
GetVersionExA
GetLastError
OutputDebugStringA
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
lstrlenW
lstrlenA
GetShortPathNameA
FindResourceA
GetModuleFileNameA
WideCharToMultiByte
FreeLibrary
SizeofResource
LoadResource

user32

EnumChildWindows
BeginPaint
EndPaint
PostMessageA
CreateDialogParamA
CallWindowProcA
SetWindowLongA
wsprintfA
InvalidateRect
GetParent
DialogBoxParamA
ScreenToClient
GetSystemMenu
EnableMenuItem
GetWindowRect
LoadStringA
WinHelpA
DefWindowProcA
ShowWindow
GetDlgItem
SetWindowTextA
EndDialog
SendMessageA
RegisterClassA
GetMessageA
MessageBoxA
SetFocus
ReleaseDC
FillRect
GetWindowDC
GetClientRect
SetRectEmpty
GetIconInfo
MapWindowPoints
BroadcastSystemMessage
FindWindowA
FrameRect
GetCursorPos
WindowFromPoint
GetWindowTextA
ChangeDisplaySettingsA
EnableWindow
EnumDisplaySettingsA
DrawTextA
SetTimer
GetDC
KillTimer
SetCursor
GetSystemMetrics
DestroyWindow
CopyImage
UpdateWindow
PtInRect
IsWindow
RegisterClassExA
LoadCursorA
GetClassInfoExA
MoveWindow
CopyRect
GetSysColor
OffsetRect
GetDlgCtrlID
IntersectRect
GetWindowLongA
CreateWindowExA
IsWindowEnabled
UnionRect
DispatchMessageA
PostQuitMessage
PostThreadMessageA
CharNextA
DestroyIcon
ReleaseCapture
SetCapture

gdi32

LineTo
SetROP2
DeleteObject
Rectangle
BitBlt
StretchBlt
DeleteDC
SelectObject
CreateCompatibleDC
GetObjectA
CreatePen
GetStockObject
Polyline
CreateCompatibleBitmap
GetPixel
SetPixel
SetBkColor
CreateSolidBrush
SetTextColor
GetTextExtentPoint32A
CreateFontIndirectA
MoveToEx
SetBkMode
GetTextMetricsA

comdlg32

GetOpenFileNameA

advapi32

RegCloseKey
RegQueryValueExA
RegSetValueExA
RegOpenKeyA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegQueryValueA
RegDeleteValueA

shell32

ShellExecuteExA

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoSuspendClassObjects
CoUninitialize
CLSIDFromString
CoInitialize
CoRegisterClassObject
CoRevokeClassObject

oleaut32

SysAllocString
SafeArrayPutElement
SafeArrayUnaccessData
SafeArrayUnlock
SafeArrayRedim
SafeArrayCreate
SafeArrayGetElemsize
SysStringByteLen
LoadRegTypeLi
SysStringLen
SysAllocStringByteLen
SysFreeString
SafeArrayLock
VariantClear
VariantInit
SysAllocStringLen
VarUI4FromStr
LoadTypeLi
RegisterTypeLi
SafeArrayAccessData

comctl32

ImageList_Destroy
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_Create
ImageList_Remove
ImageList_ReplaceIcon
ord17
ImageList_Draw
ImageList_GetImageInfo
PropertySheetA
ImageList_Add

hccutils

GetHardwareKey
GetMyRegKey
EnumDeviceByClass
ReleaseClassDevice
LoadIMAGE
LoadCURSOR
DeleteString
StretchBitmap
SaveString
LoadBitmapFromFile
LoadBITMAP
LoadICON
FindResources
IsDisplayValid
LoadDialogString
LoadSTRING
CreateThisKey

Sections

.text
Size: 376KB - Virtual size: 372KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 188KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

350ffc955e5a2f74167c86d59d62001b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

hccutils

Sections

.text Size: 376KB - Virtual size: 372KB

.rdata Size: 60KB - Virtual size: 59KB

.data Size: 188KB - Virtual size: 207KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 376KB - Virtual size: 372KB

.rdata
Size: 60KB - Virtual size: 59KB

.data
Size: 188KB - Virtual size: 207KB

.rsrc
Size: 8KB - Virtual size: 7KB