0c1174802ba82c2e92faf6ce2cd0bd87_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0c1174802ba82c2e92faf6ce2cd0bd87_JaffaCakes118
Size

136KB
MD5

0c1174802ba82c2e92faf6ce2cd0bd87
SHA1

3b27eadac4f7c75fed1bdee04e9691dcf9dd7ddb
SHA256

ead31e78b0eb2d410202b44266d50c8da063a7345ba39850b9ad19932315f0a3
SHA512

cfee1cfe2e74c9bb836880656a9e3be48bb3ed58d767cbf95cb86e51fcc92baaa89f7deb7b0c8b0cc6835e571e54a7142f14bcda73903320bfdfd70bfdc1ae12
SSDEEP

1536:5vKbiGuZkhJXu3wVGw7CpsZHHXTX8lyrJx8pElJS3+nUtETtvailMqSvOu:5fZZkhM3wTAEQlyrJx8Orhdn6mu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c1174802ba82c2e92faf6ce2cd0bd87_JaffaCakes118

Files

0c1174802ba82c2e92faf6ce2cd0bd87_JaffaCakes118
.exe windows:6 windows x86 arch:x86

1acbe743860902a10f01a04879630447

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveInStart
mmioRead

comdlg32

FindTextA

cfgmgr32

CM_Disable_DevNode

crypt32

CertIsValidCRLForCertificate

msvcrt

feof
wcsftime
mbtowc

user32

GetMessageExtraInfo
SendNotifyMessageA
DrawFrameControl
GetSysColorBrush
IsMenu
UnhookWindowsHookEx
GetClassWord
GetMenuState
PtInRect
CreateDesktopW

shell32

SHLoadNonloadedIconOverlayIdentifiers

ole32

OleIsRunning
CoUninitialize

kernel32

CreateMutexExA
LocalReAlloc
CloseHandle
GetCurrentThreadId
GetTimeZoneInformation
GetConsoleOutputCP
SetConsoleScreenBufferSize
ActivateActCtx
RequestWakeupLatency
ZombifyActCtx
FindAtomW
CompareFileTime
DeleteTimerQueue
LoadLibraryExW
CreateTimerQueueTimer
SetCommConfig
CreateWaitableTimerA
Heap32Next
GetLocaleInfoW
DeleteBoundaryDescriptor

rpcrt4

RpcBindingSetAuthInfoExW

advapi32

CloseServiceHandle
RegOpenCurrentUser

gdi32

DrawEscape
GetTextCharacterExtra
CreateSolidBrush
CreateFontIndirectW
SetBoundsRect
OffsetRgn
SetWorldTransform
StrokePath

wintrust

CryptCATHandleFromStore
CryptCATEnumerateMember

winspool.drv

EnumPortsW

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt1
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1acbe743860902a10f01a04879630447

Headers

DLL Characteristics

File Characteristics

Imports

winmm

comdlg32

cfgmgr32

crypt32

msvcrt

user32

shell32

ole32

kernel32

rpcrt4

advapi32

gdi32

wintrust

winspool.drv

Sections

.text Size: 12KB - Virtual size: 9KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 84KB - Virtual size: 85KB

.crt1 Size: 24KB - Virtual size: 20KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 368B

.text
Size: 12KB - Virtual size: 9KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 84KB - Virtual size: 85KB

.crt1
Size: 24KB - Virtual size: 20KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 368B