0edaab599e82ad357ef2bf4da9810d20_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0edaab599e82ad357ef2bf4da9810d20_JaffaCakes118
Size

132KB
MD5

0edaab599e82ad357ef2bf4da9810d20
SHA1

40873edc15d5a010dec5f7c936be2fa28dcd4277
SHA256

91d06981fcf016228cca6464476e0832892fe522d6d55004aaecaffa560215c3
SHA512

68d4bd9fb4ab1868c09f0eefb23176dfb518e8688758fb035c3ea3f17be69224a643d5dea0600181a239019f8324452a6170c8d0a83d790447aeef0e74ae47c5
SSDEEP

3072:qEaq2c7E3+3J7IadMP/KzSoKn4FtoD8p1m9kbpf:qs2E/KUqP9et

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0edaab599e82ad357ef2bf4da9810d20_JaffaCakes118

Files

0edaab599e82ad357ef2bf4da9810d20_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7bc93965f748237e2518f6842071dc0a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\uf\k\0\y4k4u32\niam63oz\5285d\b1ua95\faf.pdb

Imports

kernel32

GetVersion
MultiByteToWideChar
TerminateProcess
GetStdHandle
GetModuleHandleA
HeapDestroy
WideCharToMultiByte
GetEnvironmentStrings
GetFileType
GetOEMCP
GetEnvironmentStringsW
SetEndOfFile
GetEnvironmentVariableA
GetCPInfo
GetVersionExA
CreatePipe
GetStringTypeA
GlobalUnlock
HeapReAlloc
HeapAlloc
GetTimeZoneInformation
GetLastError
FreeEnvironmentStringsA
GetACP
GetCurrentDirectoryA
CreateProcessA
LCMapStringW
CompareStringA
GetProcessHeap
FlushFileBuffers
FileTimeToLocalFileTime
GetFileInformationByHandle
VirtualAlloc
GetPrivateProfileStringA
RtlUnwind
GetPrivateProfileIntA
Sleep
WriteFile
PeekNamedPipe
FreeEnvironmentStringsW
GlobalLock
LCMapStringA
HeapCreate
HeapFree
VirtualFree
SetHandleCount
GlobalAlloc
RaiseException
DuplicateHandle
UnhandledExceptionFilter
GetCurrentProcess
CreateDirectoryA
FreeLibrary
GetSystemTimeAsFileTime
SetEnvironmentVariableA
SetStdHandle
CompareStringW
ExitProcess
FileTimeToSystemTime
GetStartupInfoA
CreateThread
GetStringTypeW
SetCurrentDirectoryA
SetFilePointer
CloseHandle
VirtualProtect
LoadLibraryExA
GetModuleFileNameA
LoadLibraryA
GetProcAddress
ReadFile
lstrlenA
CreateFileA
GetLocalTime

user32

SetMenuDefaultItem
SendDlgItemMessageA
TrackPopupMenu
GetCursorPos
CloseClipboard
IsIconic
EnableWindow
IsWindow
CreateWindowExA
UpdateWindow
SetWindowTextA
LoadIconA
DefFrameProcA
DialogBoxParamA
GetWindowTextA
GetDlgItem
RegisterClassExA
SetFocus
IsZoomed
GetClipboardData
MessageBeep
MessageBoxA
CheckMenuItem
GetSubMenu
GetWindowPlacement
SetWindowLongA
PostQuitMessage
SetClassLongA
ModifyMenuA
TranslateMessage
SetTimer
LoadImageA
SetWindowPos
GetWindowTextLengthA
ClientToScreen
IsClipboardFormatAvailable
GetKeyState
GetWindow
SendMessageA
GetMessageA
GetClientRect
CopyRect
SetForegroundWindow
KillTimer
GetSystemMetrics
ReleaseDC
DestroyIcon
LoadMenuA
ReleaseCapture
ShowWindow
DefMDIChildProcA
DestroyMenu
EnableMenuItem
DeleteMenu
EmptyClipboard
DispatchMessageA
SetCapture
GetDC
BeginPaint
AppendMenuA
GetSysColor
OpenClipboard
EndDialog
PostMessageA
MoveWindow
PtInRect
SetClipboardData
GetWindowRect
RegisterWindowMessageA
LoadCursorA
InvalidateRect
wsprintfA
EndPaint

gdi32

SelectClipRgn
Rectangle
SetBkColor
StretchBlt
MoveToEx
ExtTextOutA
CreateCompatibleDC
CreateDCA
CreatePen
SetStretchBltMode
Polygon
BitBlt
GetPixel
SelectObject
GetTextExtentPoint32A
LineTo
CreateBitmap
SetTextColor
CreateCompatibleBitmap
GetDeviceCaps
CreateFontIndirectA
SetMapMode
ExtSelectClipRgn
CreateSolidBrush
SetPolyFillMode
GetMapMode
CreateRectRgn
DeleteObject
GetStockObject
DeleteDC
GetObjectA

comdlg32

ChooseColorA
GetSaveFileNameA
GetOpenFileNameA
ChooseFontA

shell32

Shell_NotifyIconA
SHAppBarMessage
ShellExecuteA
SHGetSpecialFolderPathA

winmm

PlaySoundA

wsock32

htons
closesocket
send
WSACleanup
recv
WSAAsyncSelect
connect
gethostbyname
WSAGetLastError
socket
WSAStartup
gethostname

Sections

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7bc93965f748237e2518f6842071dc0a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

shell32

winmm

wsock32

Sections

.text Size: 67KB - Virtual size: 66KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 35KB - Virtual size: 58KB

.rsrc Size: 14KB - Virtual size: 14KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 67KB - Virtual size: 66KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 35KB - Virtual size: 58KB

.rsrc
Size: 14KB - Virtual size: 14KB

.reloc
Size: 1KB - Virtual size: 1KB