0f35f795cdb54c803e5eb0e433ad6291_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0f35f795cdb54c803e5eb0e433ad6291_JaffaCakes118
Size

186KB
MD5

0f35f795cdb54c803e5eb0e433ad6291
SHA1

f065cd0766e78327bffc529e45744ba4de564f98
SHA256

1e2fbf2a31de96185cc7dbf66a7e93eb21604c44c7583c1934dc4f2bed09f250
SHA512

84a03cf01d5adc9c96c687c85fcd9580b333ac90c4e853738a3ef52e62ac6d81930d01f67b6c75592a7f5dc97ec9656211e6a57728972f0ad0b6e8fccbdd2d12
SSDEEP

3072:sCPRsgAqJaV5JuMMHp9UM9euiru4n60Fy1bnq1cULP2YQF8ExEHPcmPogxeTD50:BR/1U74MMH/0nP7EUcULl7Hvv7xe50

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f35f795cdb54c803e5eb0e433ad6291_JaffaCakes118

Files

0f35f795cdb54c803e5eb0e433ad6291_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d90081634f40b6b3899bd5507d1e1d92

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItem
IsDlgButtonChecked
SendMessageA
MoveWindow
ReleaseDC
DestroyWindow
CreateDialogParamA
UnregisterClassA
CheckDlgButton
GetDialogBaseUnits
IsDialogMessageA
IsWindow
WinHelpA
GetDlgItemTextA
SetWindowLongA
EnableWindow
GetDC
ShowWindow
SetDlgItemTextA
CharNextA

kernel32

GetVersionExA
GetModuleHandleA
LockResource
SizeofResource
FreeEnvironmentStringsW
HeapReAlloc
LoadResource
TlsGetValue
SetHandleInformation
VirtualAlloc
VirtualFree
SetLastError
CloseHandle
InitializeCriticalSection
GetSystemInfo
EnterCriticalSection
SetFilePointer
GetStdHandle
FreeLibrary
HeapAlloc
GetSystemTimeAsFileTime
LeaveCriticalSection
GetFileType
ExitProcess
TransmitCommChar
InterlockedExchange
GetCurrentProcess
FlushFileBuffers
FlushInstructionCache
GetOEMCP
GetCommandLineA
TerminateProcess
MulDiv
GetStringTypeW
MultiByteToWideChar
VirtualProtect
lstrlenA
lstrcpynA
GetCPInfo
UnhandledExceptionFilter
LoadLibraryA
DisableThreadLibraryCalls
TlsFree
GetEnvironmentStringsW
lstrcpyA
InterlockedDecrement
GetCurrentProcessId
EnumResourceNamesW
SetHandleCount
FreeEnvironmentStringsA
InterlockedIncrement
GetStringTypeA
lstrcatA
lstrcmpiA
GetThreadLocale
GetCurrentThreadId
VirtualQuery
HeapSize
QueryPerformanceCounter
LCMapStringA
GetProcessHeap
IsDBCSLeadByte
HeapCreate
GetModuleFileNameA
WriteFile
IsBadCodePtr
GetStartupInfoA
GetEnvironmentStrings
GetACP
ExitProcess
FindResourceA
GetLastError
TlsAlloc
GetLocaleInfoA
HeapDestroy
TlsSetValue
GetTickCount
IsBadWritePtr
WideCharToMultiByte
RtlUnwind
DeleteCriticalSection
LoadLibraryExA
SetStdHandle
IsBadReadPtr
GetProcAddress
lstrlenW
RaiseException
SetUnhandledExceptionFilter
LCMapStringW
HeapFree

gdi32

SelectObject
GetTextMetricsA
DeleteObject
GetTextExtentPointA
GetDeviceCaps
CreateFontIndirectA

msimg32

AlphaBlend
TransparentBlt

ole32

CoTaskMemFree
StringFromGUID2
CoTaskMemAlloc
CoCreateInstance
CoTaskMemRealloc

shlwapi

PathFindExtensionA

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
RegQueryInfoKeyA

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d90081634f40b6b3899bd5507d1e1d92

Headers

File Characteristics

Imports

user32

kernel32

gdi32

msimg32

ole32

shlwapi

advapi32

Sections

.text Size: 130KB - Virtual size: 130KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 50KB - Virtual size: 50KB

.crt Size: 512B - Virtual size: 84KB

.text
Size: 130KB - Virtual size: 130KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 50KB - Virtual size: 50KB

.crt
Size: 512B - Virtual size: 84KB