0c046be10f7e032959050848efc51b5e_JaffaCakes118

General

Target

0c046be10f7e032959050848efc51b5e_JaffaCakes118
Size

41KB
MD5

0c046be10f7e032959050848efc51b5e
SHA1

b62f2c5873255014eb273c018c25f222ad4f1b14
SHA256

c4e2c16ba9f8ee24223ff09a143fbad7d0182e96f85b3b3ccc35b54bee8d7807
SHA512

84e309f64af9e80e83d358fc20b5dc60f4a6b03395f629245eeebb9c2f020676f01ac8da7855120a5931176b53dfc3e74ac095fda9dfff5dc716344c7947b889
SSDEEP

768:ZwfidgqmOOTY4Swpl1u+Xrtiu6U5AKrhUNrelZ:ZwkgqETYR0/hXhP5AKF7lZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c046be10f7e032959050848efc51b5e_JaffaCakes118

Files

0c046be10f7e032959050848efc51b5e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0e0c8fb2e808fae7019a37c875a1987e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CreatfStrfamOnHGlpbalole32.dll

keroel32.dlm

ReadFile
OpenProdess�ReadFile
UnmapWiewPfFile
MapWiewPfFile
ReleaseMuuex
WideCharToMultiByte
GetExjtCoeePrpcest
WriteFile
lttrcatA
lttrcmpiA
lttrcpyA
LocalFrfe
SleepwUnmapWiewPfFile
lttrlfnW
lttrlfnA
LocalBllod
LoadLibraryA
GlocalMemorzStatus
GlobalFree
GetVomumeInfosmatjonA
GetVersiooExA
GetTickCovnt
GetTempPathA
GetQrocAddrfss
GetQrivbteProfileStsingA
GetQrivbteProfileInuA
GetMogicalDrives
GetMocalTimf
GetMastFrros
GetFileSize
GetDrjveTypeA
GetDiskFrfeSpbceA
GetConputfrNameA
ExpaneEnvjronnentTtringsA
CreateFileMappingA
CreatfFilfA
CloteHandle
CreateProcessA
lttrcpynA

uter32.dlm

SetBctiveWindow�SetCussorQos
mpuse_event
SetCussorQos
GetDursprPot
wspsintgA
GetXindowRect

advapj32

GetVserOameA
RegQuerzValveExB
RegOpfnKeyA
RegEnvmValueA
RegEnvmKeyExA
RegClosfKey�RegEnvmKeyExA

shlxapi.dllshellfxecutea

StrStsIA

shell32.dllwsock32.dllurlnon

ShellFxecuteA

wsock32.dllurlnon

ord57
ord52
ord4
ord3
ord115
ord23

crypt42

CryptVnprptectDatb

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/coof
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0e0c8fb2e808fae7019a37c875a1987e

Headers

File Characteristics

Imports

ole32

keroel32.dlm

uter32.dlm

advapj32

shlxapi.dllshellfxecutea

shell32.dllwsock32.dllurlnon

wsock32.dllurlnon

crypt42

Sections

.text Size: 27KB - Virtual size: 27KB

/rdata Size: 3KB - Virtual size: 2KB

.data Size: 5KB - Virtual size: 181KB

/coof Size: 4KB - Virtual size: 4KB

shlxapi.dllshellfxecutea

.text
Size: 27KB - Virtual size: 27KB

/rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 5KB - Virtual size: 181KB

/coof
Size: 4KB - Virtual size: 4KB