0fd28fd93f34b05b4df9c91872ef4a55_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0fd28fd93f34b05b4df9c91872ef4a55_JaffaCakes118
Size

412KB
MD5

0fd28fd93f34b05b4df9c91872ef4a55
SHA1

a61ebbc8ce14c9a372483a19a41cbbee7844e164
SHA256

023d86b1e8bbebd8ae6148aa4d9cabb54d16a94cdaa91dbf0feccf2564922103
SHA512

9be45cfb4cff231b6847a14fd52ee6013db5d4e4337fd07b648db201865794d2cd0425ecb6c543f750a4e8c4eb9c03708161effc24f02c06b320572caebcb0ba
SSDEEP

12288:GzPhXHnjPxGIBjUAMKx+lWbdjMNwbn9y6sY:GlXDYIxpxVYw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fd28fd93f34b05b4df9c91872ef4a55_JaffaCakes118

Files

0fd28fd93f34b05b4df9c91872ef4a55_JaffaCakes118
.exe windows:4 windows x86 arch:x86

61ee7cb4bb175c09749bb32c46dad19f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

comctl32

ImageList_Draw
ImageList_Remove
ImageList_Create
CreateToolbarEx
ord17
ImageList_ReplaceIcon

kernel32

GetFileAttributesA
WideCharToMultiByte
GetModuleFileNameA
OutputDebugStringA
LoadLibraryA
InterlockedDecrement
CreateFileA
SetEndOfFile
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
ReadFile
GetStringTypeW
GetStringTypeA
GetCPInfo
FlushFileBuffers
SetStdHandle
SetFilePointer
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
GetWindowsDirectoryA
FreeEnvironmentStringsA
HeapSize
UnhandledExceptionFilter
TerminateProcess
TlsGetValue
SetLastError
TlsAlloc
FindFirstFileA
LCMapStringW
WritePrivateProfileStringA
WriteFile
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
ExitProcess
GetCommandLineA
GetStartupInfoA
ExitThread
TlsSetValue
CreateThread
ResumeThread
InterlockedIncrement
HeapReAlloc
RtlUnwind
HeapAlloc
HeapFree
SearchPathA
GetVersion
GetModuleHandleA
GetProcAddress
LocalAlloc
lstrcmpA
LocalFree
ExpandEnvironmentStringsA
FormatMessageA
lstrcpyA
lstrlenA
lstrcatA
GetTickCount
FindNextFileA
FindClose
OpenProcess
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
DeleteFileA
GetPrivateProfileStringA
GetCurrentThreadId
WriteProfileStringA
GetCurrentProcess
GetLastError
CloseHandle
GetProfileStringA
CreateDirectoryA
SetFileAttributesA
MoveFileA
RemoveDirectoryA
LCMapStringA
MultiByteToWideChar
FreeEnvironmentStringsW
RaiseException

user32

PtInRect
BeginPaint
DispatchMessageA
EndPaint
DrawFrameControl
TranslateMessage
TranslateAcceleratorA
GetMessageA
GetClassNameA
DeferWindowPos
LoadAcceleratorsA
CreateDialogParamA
BeginDeferWindowPos
EnumChildWindows
EndDeferWindowPos
GetWindowLongA
SetWindowLongA
DrawMenuBar
LoadStringA
PostQuitMessage
DialogBoxParamA
LoadCursorA
GetSysColorBrush
ChildWindowFromPoint
InvalidateRect
EndDialog
TrackPopupMenu
EnableMenuItem
DeleteMenu
GetSubMenu
InsertMenuA
SetDlgItemTextA
RegisterClassExA
FindWindowA
WaitForInputIdle
GetWindowThreadProcessId
SetForegroundWindow
FindWindowExA
CloseClipboard
OpenClipboard
EmptyClipboard
SetClipboardData
LoadIconA
GetMenu
CheckMenuItem
SetWindowTextA
MessageBoxA
SetWindowPos
GetWindowRect
IsIconic
IsZoomed
GetDlgItem
SetTimer
GetParent
SetCursor
GetCursorPos
GetClientRect
CreateWindowExA
SetFocus
CallWindowProcA
GetSysColor
GetSystemMetrics
GetFocus
GetDC
SendMessageA
DrawTextA
ReleaseDC
MoveWindow
ShowWindow
ClientToScreen
ScreenToClient
PostMessageA
DestroyWindow
DefWindowProcA
LoadImageA
EnumDisplaySettingsA
IsDialogMessageA

gdi32

GetObjectA
CreateFontIndirectA
GetStockObject
SetBkColor
ExtTextOutA
GetTextExtentPoint32A
SelectObject
SetTextColor
SetBkMode
CreateSolidBrush

comdlg32

GetSaveFileNameA

advapi32

RegEnumKeyA
RegLoadKeyA
RegOpenKeyExA
RegCloseKey
RegUnLoadKeyA
RegCreateKeyA
RegQueryValueExA
RegOpenKeyA
RegSetValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegQueryValueA
RegDeleteValueA
RegQueryInfoKeyA
RegEnumKeyExA
RegEnumValueA
DeleteService
CloseServiceHandle
OpenServiceA
OpenSCManagerA
AllocateAndInitializeSid
FreeSid
EqualSid
LookupAccountSidA
GetTokenInformation
RegDeleteKeyA

shell32

ShellExecuteA
SHGetFileInfoA
ShellExecuteExA

ole32

CoInitialize
CoTaskMemFree
CoCreateInstance

oleaut32

VariantClear
SysAllocString
SysFreeString

Sections

.text
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

�p�
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

61ee7cb4bb175c09749bb32c46dad19f

Headers

File Characteristics

Imports

version

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 92KB - Virtual size: 88KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 20KB - Virtual size: 28KB

.rsrc Size: 40KB - Virtual size: 38KB

�p� Size: 244KB - Virtual size: 244KB

.text
Size: 92KB - Virtual size: 88KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 20KB - Virtual size: 28KB

.rsrc
Size: 40KB - Virtual size: 38KB

�p�
Size: 244KB - Virtual size: 244KB