0c059b0d1d5a03f69a21185987c17d5c_JaffaCakes118

General

Target

0c059b0d1d5a03f69a21185987c17d5c_JaffaCakes118
Size

163KB
MD5

0c059b0d1d5a03f69a21185987c17d5c
SHA1

e5d061dce077318314b73b2b18329b893a4a63af
SHA256

9b091aa4d3aa8e5d7ab513720e2ac179e09556c0361cd4976d5607010addfe44
SHA512

2863936ac85ce243f543a18c61cc80a570ff6034fef7379d9df4c5ac78599a480c6517ecadd90819349eded9b7e974af9d13f911841f071660d08837941ff03d
SSDEEP

3072:hScjWwPeLFHGa8hnPp+5kk12auALiFm18tyWa8cwMk8zHbUfEmo:YwmA/hR01ZuFFJyWa8xoHbUfEmo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c059b0d1d5a03f69a21185987c17d5c_JaffaCakes118

Files

0c059b0d1d5a03f69a21185987c17d5c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2bfc8f4472c887dece48151910d17820

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
GetVersion
MulDiv
GetSystemTimeAsFileTime
GetModuleFileNameA
VirtualAlloc
VirtualProtect
DosDateTimeToFileTime
InterlockedDecrement
LoadLibraryA
GetVersionExA
IsDBCSLeadByte
Sleep
SetLastError
GetLastError
IsBadWritePtr
GetProcessHeap
IsBadReadPtr
GetLocalTime

user32

GetWindowPlacement
IsIconic
IsZoomed
GetWindowThreadProcessId
GetWindowInfo
GetWindow
GetTitleBarInfo
GetCursor
IsWindowUnicode
GetClientRect
IsChild
SetLastErrorEx
BlockInput
InSendMessage
GetDC
GetWindowRgn
IsCharAlphaNumericA
GetAncestor

advapi32

IsValidSid
GetUserNameA
IsValidAcl
InitializeSecurityDescriptor
IsValidSecurityDescriptor
RevertToSelf

msvcrt

_CIfmod
_set_error_mode
rand
_ltoa
_adjust_fdiv
malloc
_initterm
free
memmove
_memicmp
_swab
_memccpy
time
localeconv
_pctype
_isctype
__mb_cur_max
_hypot
floor
_itoa
_CIcosh
_CIacos
srand

gdi32

GdiFlush
GetBkColor
GdiGetBatchLimit

ole32

CoFileTimeNow

shell32

ord66
DuplicateIcon
ord524

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2bfc8f4472c887dece48151910d17820

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

gdi32

ole32

shell32

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 69KB - Virtual size: 71KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 69KB - Virtual size: 71KB

.reloc
Size: 3KB - Virtual size: 2KB