0c032a0de111b56f90277df9a9f4b2a2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0c032a0de111b56f90277df9a9f4b2a2_JaffaCakes118
Size

189KB
MD5

0c032a0de111b56f90277df9a9f4b2a2
SHA1

68eef997f543bf83e230151235e2945c602cbc4c
SHA256

5c171a4df85c1f7b6af8b530d63069010b461a32aa15e1770866121b3c993b27
SHA512

5365bbc607aa9dcc4463b6e4162217b271c706d41043f23d639a3c3a10702bbbba1508211192e8e0da2edc4526a1ea5eb62667a40a0b61a46c7bb5448377495f
SSDEEP

3072:8i6AJt1Sw6M9E1siYUIqP6uhvHt6kmlB9/n/RUzOKaWg4En2mAAKy31lhrmAM2Ps:lluwh9rPqCuV4HP2zOKJmsy31rrmIkE6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c032a0de111b56f90277df9a9f4b2a2_JaffaCakes118

Files

0c032a0de111b56f90277df9a9f4b2a2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a0d35dced14a76a3a83d2c7065575c7b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

StringFromCLSID
CoUninitialize
CoCreateInstance
CoRegisterClassObject
CreateStreamOnHGlobal
GetRunningObjectTable
CoFreeUnusedLibraries
CLSIDFromString
StringFromGUID2
CoInitializeEx
CoTaskMemFree
CoRevokeClassObject
CoInitialize
CreateItemMoniker
CoTaskMemAlloc

winmm

timeBeginPeriod
timeGetTime
timeGetDevCaps
timeEndPeriod

kernel32

DeleteCriticalSection
ReleaseMutex
ResetEvent
CreateThread
LockResource
GetTapeParameters
QueryPerformanceCounter
ResumeThread
GetLastError
SetEvent
lstrlenA
WaitForSingleObject
VirtualAlloc
HeapFree
LocalFree
GetModuleFileNameA
LeaveCriticalSection
GetCurrentThreadId
GetVersionExA
LoadResource
ClearCommError
InterlockedDecrement
WaitForMultipleObjects
GetProcAddress
IsBadReadPtr
EnumResourceNamesA
GetModuleFileNameW
SetThreadPriority
GetCurrentProcessId
IsBadWritePtr
EnterCriticalSection
CreateEventA
LoadLibraryW
MultiByteToWideChar
ReleaseSemaphore
FindResourceA
GetACP
GetCurrentThread
CreateSemaphoreA
InitializeCriticalSection
GetExitCodeThread
CreateMutexA
GlobalAlloc
WideCharToMultiByte
VirtualFree
GetThreadPriority
DisableThreadLibraryCalls
FatalExit
FreeLibrary
GetTickCount
GetSystemTime
Sleep
GetProcessHeap
InterlockedIncrement
GetSystemTimeAsFileTime
GetSystemInfo
CloseHandle
CreateFileW
TerminateThread
LoadLibraryA
ExitProcess

advapi32

RegCreateKeyA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueA
RegEnumKeyExA

user32

wvsprintfA
wsprintfA
MsgWaitForMultipleObjects
RegisterWindowMessageA
GetQueueStatus
GetMessageA
CreateWindowExA
PeekMessageA
LoadStringA
RegisterClassA
PostThreadMessageA
DispatchMessageA
MonitorFromWindow
CopyRect
DestroyWindow

shell32

SHGetSpecialFolderPathA

Sections

.text
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a0d35dced14a76a3a83d2c7065575c7b

Headers

File Characteristics

Imports

oleacc

ole32

winmm

kernel32

advapi32

user32

shell32

Sections

.text Size: 127KB - Virtual size: 126KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 57KB - Virtual size: 57KB

.lib Size: 512B - Virtual size: 112KB

.text
Size: 127KB - Virtual size: 126KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 57KB - Virtual size: 57KB

.lib
Size: 512B - Virtual size: 112KB