0e9da18b8a0bd1b59bb055aeb364ecbc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0e9da18b8a0bd1b59bb055aeb364ecbc_JaffaCakes118
Size

265KB
MD5

0e9da18b8a0bd1b59bb055aeb364ecbc
SHA1

7843d7116b6bdf4926350ddd88bfa5550d9aaa59
SHA256

e08bb18fec0bc694198ac6e39fd1debf53033a5bf42c5b64745b16846ba84db4
SHA512

f9a188e0b0b92b674951821396fd9f35bc82917a213e577e195eb2abc414f7f1686640757d7e93f17e36025ddd515e33f889d3644e218e62151d5aa7569f0463
SSDEEP

6144:7DabuMa4XcwcoTf971CD6q1lq6fLFXV7zcLxL0c/S:7Da6Ma0/59RlqDq6LFXVqFq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e9da18b8a0bd1b59bb055aeb364ecbc_JaffaCakes118

Files

0e9da18b8a0bd1b59bb055aeb364ecbc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

df9331bff0c923ff021f529fd4866d1e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetTimeFormatA
EnumDateFormatsExA
SetFileAttributesW
GetProcessHeap
CompareStringW
HeapAlloc
WriteFile
Sleep
LCMapStringW
TlsGetValue
GetCurrencyFormatA
CompareStringA
GetCommandLineA
SetLastError
SetUnhandledExceptionFilter
GetACP
GetStdHandle
GetStringTypeA
FindFirstFileExA
SetEnvironmentVariableA
GetEnvironmentStrings
GetStringTypeW
GetEnvironmentStringsW
CloseHandle
GetVersionExA
TlsFree
GetStartupInfoW
GetProcAddress
EnterCriticalSection
GetStartupInfoA
VirtualFree
GetThreadSelectorEntry
GetDateFormatA
FindNextFileW
HeapCreate
VirtualQuery
LCMapStringA
UnhandledExceptionFilter
MultiByteToWideChar
GetCPInfo
HeapSize
TlsAlloc
GetOEMCP
HeapReAlloc
IsValidLocale
ExitProcess
DeleteCriticalSection
WriteProfileSectionW
VirtualAlloc
WideCharToMultiByte
QueryPerformanceCounter
GetCurrentProcess
InterlockedIncrement
GetModuleHandleA
GetLocaleInfoA
InitializeCriticalSection
InterlockedDecrement
GetCurrentThreadId
SetConsoleCtrlHandler
TlsSetValue
GetCurrentThread
GetLocaleInfoW
GetCurrentProcessId
GetModuleFileNameA
IsDebuggerPresent
GetCommandLineW
RtlFillMemory
GetTickCount
GetUserDefaultLCID
FreeEnvironmentStringsW
GetLastError
SetHandleCount
LeaveCriticalSection
RtlUnwind
GetFileType
GetSystemTimeAsFileTime
InterlockedExchange
IsValidCodePage
FreeEnvironmentStringsA
EnumSystemLocalesA
GetModuleFileNameW
GetPrivateProfileSectionA
GetTimeZoneInformation
HeapDestroy
HeapFree
TerminateProcess
LoadLibraryA

comdlg32

ChooseFontA
PrintDlgA
ChooseColorA
PageSetupDlgW
ChooseColorW
ReplaceTextA
PrintDlgW
GetFileTitleA
ReplaceTextW
GetOpenFileNameA
GetOpenFileNameW
GetFileTitleW
FindTextA

gdi32

GetEnhMetaFileDescriptionW
GetTextExtentPointW
GetCharWidthW
PolyDraw
GetSystemPaletteEntries
ScaleWindowExtEx
DeleteEnhMetaFile
CreateEllipticRgn
UpdateICMRegKeyW
Polyline
GetGraphicsMode
CreatePen
EnumFontFamiliesA
MaskBlt
SetSystemPaletteUse

shell32

FreeIconList
SHEmptyRecycleBinA
SHGetNewLinkInfo
SHLoadInProc
SHGetMalloc
SHChangeNotify
ExtractIconA
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetPathFromIDListW
DuplicateIcon
SHAddToRecentDocs

Sections

.text
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df9331bff0c923ff021f529fd4866d1e

Headers

File Characteristics

Imports

kernel32

comdlg32

gdi32

shell32

Sections

.text Size: 119KB - Virtual size: 119KB

.data Size: 138KB - Virtual size: 137KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 119KB - Virtual size: 119KB

.data
Size: 138KB - Virtual size: 137KB

.rsrc
Size: 6KB - Virtual size: 6KB