0fa58d2aa4c708285e00bac30c76331c_JaffaCakes118

General

Target

0fa58d2aa4c708285e00bac30c76331c_JaffaCakes118
Size

110KB
MD5

0fa58d2aa4c708285e00bac30c76331c
SHA1

1bdec29d3a658c7a01a2d1703b0572460532bd80
SHA256

98a0b9d609c4ce858768e400d1068c69acd3e54214a960da9496d62b8ec3fb83
SHA512

01bd92661d994f2e386a2a0aae0be3b5bbe00b1705f64a2a55e6b818338eff4ca8e038ee669262b9dcb6deb493d189401aee12a5ce2708d20b319e05a4b77d31
SSDEEP

3072:WDHMjcmGoseOECIGRoVV1GmPjpqvi+Gmw:WDHdNLeOnRqV1NPFqv0z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fa58d2aa4c708285e00bac30c76331c_JaffaCakes118

Files

0fa58d2aa4c708285e00bac30c76331c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ed17f45ef7e63aa53341021441982f44

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__p__fmode
__setusermatherr
_except_handler3
free
strcmp
_adjust_fdiv
printf
_acmdln
__getmainargs
_exit
_onexit
calloc
_initterm
exit
_XcptFilter
fopen
__set_app_type
__p__commode
malloc
strcpy

kernel32

SetHandleCount
GetProcAddress
DeleteFileA
VirtualProtectEx
SetUnhandledExceptionFilter
FlushFileBuffers
LoadLibraryExW
GetModuleHandleW
WritePrivateProfileStringA

oleaut32

SafeArrayPutElement
SysReAllocStringLen
GetActiveObject
SafeArrayCreate

comctl32

ImageList_BeginDrag
CreateToolbarEx
ImageList_Create
CreateStatusWindowA
ImageList_SetIconSize

shell32

SHGetSpecialFolderLocation
DoEnvironmentSubstW
SHFileOperationW
ShellExecuteExA
ShellExecuteA
SHGetSpecialFolderPathA

advapi32

RegDeleteKeyW
RegQueryInfoKeyA
RegOpenKeyExW
CryptHashData
OpenServiceW
RegEnumValueW

ole32

OleIsCurrentClipboard
OleGetClipboard
OleRun
CreateStreamOnHGlobal
StgOpenStorageOnILockBytes
IsAccelerator
PropVariantClear
OleDraw

gdi32

CloseEnhMetaFile
LineTo
Arc

user32

SetPropA
DrawMenuBar
RemovePropA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed17f45ef7e63aa53341021441982f44

Headers

File Characteristics

Imports

msvcrt

kernel32

oleaut32

comctl32

shell32

advapi32

ole32

gdi32

user32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 39KB - Virtual size: 62KB

.rsrc Size: 65KB - Virtual size: 65KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 39KB - Virtual size: 62KB

.rsrc
Size: 65KB - Virtual size: 65KB