0ef78019bab67d06c4e254bd7a3a27da_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0ef78019bab67d06c4e254bd7a3a27da_JaffaCakes118
Size

198KB
MD5

0ef78019bab67d06c4e254bd7a3a27da
SHA1

015dc9e6717845f040bd9ed0687f3a5eac02830d
SHA256

79cc63d4440711647287362477904822d65374295f633a2c20cd7afc04c6b932
SHA512

9512d8f32693be856bbe71c93c1a9069a3c76e4cb9b702c53e8b1d2cb2f46aa1329056b5b4d94da4b66a723aff5896c1986a625c1499cc84f9f023bd1ba86f07
SSDEEP

3072:WeBOAhlCZchRMChQ7oRKI39eiBOKyJWuhQpvOd8WoJ7Myr1kZ2GoaUpkuU:WeBOVZcvJQMD9eBWuekuJwEZGrCkr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ef78019bab67d06c4e254bd7a3a27da_JaffaCakes118

Files

0ef78019bab67d06c4e254bd7a3a27da_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0bd6cd5fa93cad6de16702a422f444fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\lasuhBarfbalddobicego{\umqiOrzololayepbicego{\ragmauntothyuteonsfiboh\potSmogputvoxcaulhelawh\totwetahmugUnautomelawh.pdb

Imports

gdi32

CreateHatchBrush
SetViewportOrgEx
CreateEllipticRgnIndirect
SetDIBitsToDevice
SaveDC
SetWindowExtEx
CreatePen
RemoveFontResourceW
GetFontData
CreatePatternBrush
GetLayout
CreateDIBSection
MoveToEx
Rectangle

kernel32

FoldStringW
GetFullPathNameA
MulDiv
GetSystemTimeAdjustment
OpenFile
GetStdHandle
GlobalGetAtomNameA
GetCommandLineW
GetFileTime
RemoveDirectoryA
FindCloseChangeNotification
SetHandleInformation
TryEnterCriticalSection
LoadLibraryExA
GetSystemDefaultUILanguage

msvcrt

_wcsicmp

user32

CreateCaret
GetMenuItemID
OpenClipboard
GetWindow
GetFocus
DrawMenuBar
DestroyAcceleratorTable
RedrawWindow
CascadeWindows
GetWindowTextA
GetMessagePos
GetClientRect
LoadIconA
GetSysColor
InsertMenuA
PostMessageW
BeginPaint
PostMessageA
ToUnicodeEx
ReleaseDC
IsWindowVisible
SetMenu
GetMessageA
GetMenu
GetClassNameW
GetParent
GetClassInfoExA
IsRectEmpty
GetWindowLongW
GetMessageTime
GetNextDlgTabItem
GetClassLongW
InvalidateRect

comdlg32

GetFileTitleW

Exports

Exports

SendData@16
IsValidSection@12
CloseScreen@16
GetConfigEx@12
FormatMonitorA@4
CopyWindowA@16
CloseModuleExW@4
CloseStringOriginal@8
ValidatePathExA@16
SendFullNameOriginal@4
CopyDirectoryExA@8
EnumListItemW@16
IsValidProjectNew@16
SendTimerEx@8
ShowHeightNew@4

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.nabis
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.refee
Size: 512B - Virtual size: 151B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.psikif
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hodta
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0bd6cd5fa93cad6de16702a422f444fe

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

msvcrt

user32

comdlg32

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 163KB

.nabis Size: 512B - Virtual size: 28B

.refee Size: 512B - Virtual size: 151B

.psikif Size: 512B - Virtual size: 280B

.hodta Size: 26KB - Virtual size: 26KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 164KB - Virtual size: 163KB

.nabis
Size: 512B - Virtual size: 28B

.refee
Size: 512B - Virtual size: 151B

.psikif
Size: 512B - Virtual size: 280B

.hodta
Size: 26KB - Virtual size: 26KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 3KB - Virtual size: 2KB