0f9ede4091acca86caf273b3eaa07c8b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0f9ede4091acca86caf273b3eaa07c8b_JaffaCakes118
Size

181KB
MD5

0f9ede4091acca86caf273b3eaa07c8b
SHA1

31a7aae5c16fa4b64b7611c99a48d87f47e1682e
SHA256

19a105bb790e3d7af138f9ee167e13d73372e362fd10af62b6b305ed0c5bdb9e
SHA512

15a98a80661e66068545c9510ac3eb04a32d4d35e90169bd70a1cf298770a4b17392be16ea6e771ffd6e667f7ce32d5dce98294ace7c812db325678f5c4ac525
SSDEEP

3072:mfdJwd1M/so8xWLqcG+HiCtZ1DQ/glRVs3xlmyurIibkIEvcxH:Aft0oiWLqrqhQKVs3xlNuvkIf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f9ede4091acca86caf273b3eaa07c8b_JaffaCakes118

Files

0f9ede4091acca86caf273b3eaa07c8b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9f31be6775eed71b114ed552680fddc7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueA
RegDeleteValueA
RegQueryValueA
RegOpenKeyA
RegDeleteValueA

ole32

OleRegGetUserType
CoCreateFreeThreadedMarshaler
PropVariantClear
CreateBindCtx
CreateStreamOnHGlobal

kernel32

IsBadReadPtr
GetModuleHandleA
GetLastError
lstrlenA
GetVersionExA
VirtualAlloc
ExitProcess
GetProcAddress
GetCommandLineA
LoadLibraryA
GetACP
IsBadHugeReadPtr
GetCommandLineW
ExitThread

comdlg32

FindTextA
ChooseColorA
GetOpenFileNameA
ChooseColorA
GetSaveFileNameA
FindTextA
GetFileTitleA

shlwapi

SHQueryInfoKeyA
SHQueryInfoKeyA
SHStrDupA
SHDeleteKeyA
SHQueryValueExA
PathIsContentTypeA
SHSetValueA

comctl32

ImageList_Add
ImageList_Destroy
ImageList_Remove
ImageList_Write
ImageList_DragShowNolock
ImageList_GetBkColor
ImageList_Draw
ImageList_Destroy
ImageList_DrawEx
ImageList_Write

user32

EnumChildWindows
CharLowerA
ReleaseCapture

msvcrt

malloc
rand
memcpy
wcschr
tolower
atan
srand

shell32

Shell_NotifyIconA
SHGetFolderPathA
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetFileInfoA

gdi32

SetTextColor
GetPixel
CopyEnhMetaFileA
CreateCompatibleDC

version

VerQueryValueA
VerInstallFileA

oleaut32

GetErrorInfo
SafeArrayPtrOfIndex
VariantCopyInd
SafeArrayGetUBound
VariantChangeType
GetErrorInfo
OleLoadPicture
RegisterTypeLib
SysStringLen
SysAllocStringLen
SysFreeString

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.DATA6
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.DATA1
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.DATA7
Size: 14KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.DATA3
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f31be6775eed71b114ed552680fddc7

Headers

File Characteristics

Imports

advapi32

ole32

kernel32

comdlg32

shlwapi

comctl32

user32

msvcrt

shell32

gdi32

version

oleaut32

Sections

.text Size: 56KB - Virtual size: 55KB

DATA Size: 1KB - Virtual size: 1KB

.DATA6 Size: 1KB - Virtual size: 1KB

.DATA1 Size: 101KB - Virtual size: 100KB

.DATA7 Size: 14KB - Virtual size: 90KB

.DATA3 Size: 4KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 56KB - Virtual size: 55KB

DATA
Size: 1KB - Virtual size: 1KB

.DATA6
Size: 1KB - Virtual size: 1KB

.DATA1
Size: 101KB - Virtual size: 100KB

.DATA7
Size: 14KB - Virtual size: 90KB

.DATA3
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 1KB