0d0e68c1bff7d31c2c6378e732d3df25_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0d0e68c1bff7d31c2c6378e732d3df25_JaffaCakes118
Size

2.3MB
MD5

0d0e68c1bff7d31c2c6378e732d3df25
SHA1

a8709eeea04306eef52a329a8c16ce5a2ab4d06d
SHA256

802e9f29f6b9c48693acf509d024f65eb9947619362c5a3e02059c2864c33337
SHA512

0c335db9646adf1d5eb9537c020ef85821cfc428ae0154461a1658cdb19a1886e7a66c8a601758746b56a1fa6471ff6122e6f9fba0b3979f15405debe348b68c
SSDEEP

24576:OIMz6XQWZA6yllOvJnYUTTDxa8oET1iUKQjJ12d1XHXvJMrPS0D82R:Oz69xiOv+Uz6FXx+8W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d0e68c1bff7d31c2c6378e732d3df25_JaffaCakes118

Files

0d0e68c1bff7d31c2c6378e732d3df25_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d9937c5a9912c271f849c4ba4560329f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExW
GetSystemDirectoryW
GlobalLock
InitializeCriticalSection
CreateFileMappingW
CreateFileW
LocalAlloc
LocalSize
VirtualAlloc
GetEnvironmentStringsW
GetCommModemStatus
GlobalAddAtomW
GetCommandLineW
RaiseException
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
IsProcessorFeaturePresent
IsDebuggerPresent
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
EnterCriticalSection
LeaveCriticalSection
HeapFree
LoadLibraryExW
RtlUnwind
OutputDebugStringW
GetStringTypeW
HeapAlloc
HeapReAlloc
HeapSize
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
CloseHandle

userenv

LeaveCriticalPolicySection
EnterCriticalPolicySection
UnregisterGPNotification

winspool.drv

GetPrintProcessorDirectoryW

user32

SetMessageExtraInfo
DdeFreeStringHandle
FillRect
GetTabbedTextExtentW
MenuItemFromPoint
ShowWindowAsync

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 724KB - Virtual size: 724KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9937c5a9912c271f849c4ba4560329f

Headers

File Characteristics

Imports

kernel32

userenv

winspool.drv

user32

Sections

.text Size: 57KB - Virtual size: 57KB

.rdata Size: 1.5MB - Virtual size: 1.5MB

.data Size: 6KB - Virtual size: 6.3MB

.rsrc Size: 724KB - Virtual size: 724KB

.text
Size: 57KB - Virtual size: 57KB

.rdata
Size: 1.5MB - Virtual size: 1.5MB

.data
Size: 6KB - Virtual size: 6.3MB

.rsrc
Size: 724KB - Virtual size: 724KB