0dd1830aa144480daf76dbb9f14b1956_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0dd1830aa144480daf76dbb9f14b1956_JaffaCakes118
Size

86KB
MD5

0dd1830aa144480daf76dbb9f14b1956
SHA1

fe76f5448850554d56134189db2a30f9c3ed18eb
SHA256

a3d907050475ffad87971a28edfbfaac9a22c534210859aa386edab216cc052a
SHA512

3b39d0b728736e14fca79707e76a1665d1391a318ebe7b658f01916e9e040c2b957175d095a8b3b948cb94ae54d9d53598094bd9f9fbe406bd479d0438f24e2d
SSDEEP

1536:t+6L1XsIsb0hAFOThatmb/ddsMXUm9jq9SGkZwPoexlh5xNs:BX0b0hAFOThld64rOsexlh5xN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0dd1830aa144480daf76dbb9f14b1956_JaffaCakes118

Files

0dd1830aa144480daf76dbb9f14b1956_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fa39dd23c46f48baf257453f836dd08b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

scsl10

Scsl_sub
Scsl_ztz
Scsl_mul
Scsl_round
Scsl_cclose
Scsl_ptb
Scsl_ztp
Scsl_copenkey
Scsl_cmread
Scsl_cattrset
Scsl_ncmp
Scsl__poolset
Scsl_exit
Scsl_TermEnable
Scsl_init
Scsl_callchk
Scsl_cclear
Scsl_camndsp
Scsl_cline
Scsl_cmove
Scsl_fclr
Scsl_btz
Scsl_TermCheck
Scsl_callcnt
Scsl__callerr
Scsl_pjmp
Scsl_csbclr
Scsl_stop
Scsl_bos
Scsl_cinpmode
Scsl_cframe
Scsl_eos
Scsl_cmninput
Scsl_csbdatclr
Scsl_readkey
Scsl_ztl
Scsl_cmndsp
Scsl_rclr
Scsl_cmstart
Scsl__iosts
Scsl_cread
Scsl_edit
Scsl_crewrite
Scsl_cbuzzer
Scsl_copen
Scsl_csetix
Scsl_ptp
Scsl_creadr
Scsl_clrw
Scsl_cfree
Scsl_div
Scsl_ovf
Scsl_add
Scsl_btp
Scsl_ptl
Scsl_occ

sciodk10

Scio_DkGetIOCB
Scio_DkGetKINFO

scrt10

Scrt_cescend
get_cols
get_lines

user32

EnableMenuItem
GetSystemMenu
ShowWindow
SetWindowTextA
SendMessageA
LoadImageA
GetParent
FindWindowA
MessageBoxA

kernel32

GetModuleHandleW
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetProcessHeap
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
CreateFileA
ReadFile
MultiByteToWideChar
HeapReAlloc
VirtualAlloc
HeapAlloc
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetFilePointer
SetStdHandle
FlushFileBuffers
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetModuleFileNameA
WriteFile
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
DeleteCriticalSection
GetFileType
GetStdHandle
SetHandleCount
LeaveCriticalSection
EnterCriticalSection
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
CloseHandle
GetCurrentProcessId
SetEnvironmentVariableA
GetEnvironmentVariableA
GetCurrentDirectoryA
GetTempPathA
FreeEnvironmentStringsA
GetEnvironmentStrings
RtlUnwind
Sleep
GetProcAddress
ExitProcess
GetCommandLineA
GetStartupInfoA
GetLastError
HeapFree

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa39dd23c46f48baf257453f836dd08b

Headers

DLL Characteristics

File Characteristics

Imports

scsl10

sciodk10

scrt10

user32

kernel32

Sections

.text Size: 66KB - Virtual size: 65KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 7KB - Virtual size: 22KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 66KB - Virtual size: 65KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 7KB - Virtual size: 22KB

.rsrc
Size: 2KB - Virtual size: 2KB