0fc563d2d2bbada3557ab6987957a594_JaffaCakes118

General

Target

0fc563d2d2bbada3557ab6987957a594_JaffaCakes118
Size

192KB
MD5

0fc563d2d2bbada3557ab6987957a594
SHA1

2e745a844d842017efe7034ab674f667365e552a
SHA256

3012eee3dcc64bd55eb045e2cfd3a7234a4e5f3624f79d0aa4c940cd7def0235
SHA512

4f2d11d7e585c9af4ad840997a1b15aeaf27fb7436c8612351d500fdfec123f3ce7c132ccbced2ec0bfc7e7e13253c0f8a2d8f5001c4228028f36c7e4ca823df
SSDEEP

3072:3h/uRS/ffjrWeU3KU1t2/QpgQwfKw1d0PRHK3gaZGTp5UnTi+fv9+R8:RuRSHrCtP1tngQwiw1PtZGfqbd+u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fc563d2d2bbada3557ab6987957a594_JaffaCakes118

Files

0fc563d2d2bbada3557ab6987957a594_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5431ef0999af3bb2ee42b84b0bb73517

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
IsDBCSLeadByte
GetThreadTimes
GetThreadPriority
VirtualAlloc
GetUserDefaultLangID
GetModuleHandleA
ReleaseMutex
GetThreadLocale
CreatePipe
CancelWaitableTimer
GetOEMCP
GetConsoleCP
CreateMutexA
GetLargestConsoleWindowSize
TlsGetValue
AddAtomA
GetExitCodeThread
TlsFree
GetHandleContext
SetEvent

user32

GetDC
GetWindow
InvalidateRect
GetFocus
GetClassInfoExA
IsWindowVisible
GetWindowTextA
CloseWindow
GetActiveWindow
ShowWindow
RegisterClassA
GetForegroundWindow
GetWindowTextLengthA
GetClassNameA
ValidateRect
ReleaseDC
ReleaseDC
GetSystemMetrics
IsIconic

dsound

DllGetClassObject
DirectSoundCreate
DllCanUnloadNow
GetDeviceID
DirectSoundEnumerateA

mscms

CheckColors

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 33B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5431ef0999af3bb2ee42b84b0bb73517

Headers

File Characteristics

Imports

kernel32

user32

dsound

mscms

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 1.4MB

.tls Size: 512B - Virtual size: 33B

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 1.4MB

.tls
Size: 512B - Virtual size: 33B

.rsrc
Size: 4KB - Virtual size: 4KB