0fb5940896a026c24947df56494a7853_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0fb5940896a026c24947df56494a7853_JaffaCakes118
Size

144KB
MD5

0fb5940896a026c24947df56494a7853
SHA1

fd0e70dffeb796b62f260ee9dfe59030a2a3b3fb
SHA256

19af87b8bdfb56b15dd926937c6df295828c65927aabd9123fd4c03c5da9f05a
SHA512

722ae792f766a443993406a063af5a864f48e58ea0b78fdc061a3efa2f02c11bb1b53014b3eab70fd63b5d90ddb9a5e640b032463fc8d124616ad99ebf2cf699
SSDEEP

3072:XC6xG/qYF6dvdz1wlY5L+b/VVnTT/Pw6NejnABhJJzWFJoG9rWMs:XC7qbpdz1Tyb/Vhn/I6NG83JzWUGW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fb5940896a026c24947df56494a7853_JaffaCakes118

Files

0fb5940896a026c24947df56494a7853_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4f023f3e2db787f22c9aa8dcee914fba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

FindTextA
GetOpenFileNameA
GetSaveFileNameA
ChooseColorA

msvcrt

mbstowcs
exit
malloc
sqrt
srand
wcscspn
_acmdln
wcstol
time
memmove
tolower
memcpy
swprintf
rand

version

GetFileVersionInfoA
VerInstallFileA
VerFindFileA

kernel32

FormatMessageA
VirtualAlloc
SetThreadLocale
LoadLibraryA
GetCurrentThread
GetACP
EnterCriticalSection
GetThreadLocale
GetCPInfo
LocalAlloc
GetStringTypeW
lstrlenA
ReadFile
GetCommandLineA
GetLocalTime
ExitProcess
GetLastError
GetDateFormatA

gdi32

GetDCOrgEx
LineTo
RestoreDC
SetPixel
CreateDIBSection
BitBlt
GetClipBox

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegCreateKeyExA
RegEnumValueA
RegEnumKeyA
RegCreateKeyA

shell32

DragQueryFileA
SHGetDesktopFolder
SHFileOperationA
SHGetFileInfoA
SHGetSpecialFolderLocation
DragQueryFileA
Shell_NotifyIconA
SHFileOperationA
SHGetDiskFreeSpaceA

ole32

OleCreateStaticFromData
CreateBindCtx
CoGetObjectContext
PropVariantClear
CoDisconnectObject
CoRevokeClassObject
CreateBindCtx
CoUnmarshalInterface
CoCreateInstanceEx
CLSIDFromProgID

user32

GetMessagePos
GetSysColor
EqualRect
EnumChildWindows
GetPropA
CreatePopupMenu
GetIconInfo
RegisterClassA
GetScrollRange
GetActiveWindow
IsChild
CheckMenuItem
CreateIcon
ClientToScreen
EnumWindows
GetMenuState
GetClientRect
DrawIconEx
ShowWindow

shlwapi

PathGetCharTypeA
SHEnumValueA
PathFileExistsA
SHStrDupA
SHDeleteKeyA
SHSetValueA
PathIsContentTypeA
SHQueryValueExA
SHGetValueA

Sections

.bss
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.init
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 946B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4f023f3e2db787f22c9aa8dcee914fba

Headers

File Characteristics

Imports

comdlg32

msvcrt

version

kernel32

gdi32

advapi32

shell32

ole32

user32

shlwapi

Sections

.bss Size: 27KB - Virtual size: 26KB

.tls Size: 111KB - Virtual size: 110KB

.init Size: 4KB - Virtual size: 3KB

.rdata Size: 512B - Virtual size: 112KB

.data Size: 1024B - Virtual size: 946B

.bss
Size: 27KB - Virtual size: 26KB

.tls
Size: 111KB - Virtual size: 110KB

.init
Size: 4KB - Virtual size: 3KB

.rdata
Size: 512B - Virtual size: 112KB

.data
Size: 1024B - Virtual size: 946B