0cafb9893dc262d34ca6dec0da5ed555_JaffaCakes118

General

Target

0cafb9893dc262d34ca6dec0da5ed555_JaffaCakes118
Size

75KB
MD5

0cafb9893dc262d34ca6dec0da5ed555
SHA1

e15ebea6fbff90a8309a932307c26a629f7c4305
SHA256

6d460bbcc040eea587160e4404d17183ad4a723ab36d94a29f303d38de99bd8e
SHA512

5a052314f3fc4eac7cfee2b228240f0dd41713eefef3c65099cf51b5cf4af47bbc0dd7ef1b6b68a26c079f9196f5bc1aadb72afafe7c331b6ad79d3fcf4796dd
SSDEEP

1536:VpF8oqwd04hNd7nsHL/R5OM91kDCB/5leYK8el:V9faw7slcMjhheYK8a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cafb9893dc262d34ca6dec0da5ed555_JaffaCakes118

Files

0cafb9893dc262d34ca6dec0da5ed555_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a0232866b45e3ae9f46aeaad41aa5c68

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
LocalAlloc
GetLastError
FileTimeToLocalFileTime
LocalFree
InterlockedDecrement
GetVersionExA
DeleteCriticalSection
DisableThreadLibraryCalls
CreateEventA
SetEvent
GetCurrentThread
CloseHandle
GlobalAlloc
SetLastError
EnterCriticalSection
LeaveCriticalSection
GlobalFree
VirtualProtect
GetCommandLineA
InterlockedIncrement

advapi32

ControlService
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
OpenSCManagerA
OpenServiceA
EnumDependentServicesA
CloseServiceHandle
StartServiceA
RegOpenKeyExA
AccessCheck
OpenThreadToken
SetThreadToken
RegQueryValueExA
CryptAcquireContextA

ole32

CoSetProxyBlanket
CoGetCallContext
CoUninitialize
CoCreateFreeThreadedMarshaler

msvcr71

memmove
__dllonexit
__CppXcptFilter
_adjust_fdiv
_except_handler3
wcschr
wcslen
_wcsupr
wcsstr
wcscpy
_onexit
_wcsnicmp
_wcsicmp
free
_initterm
malloc

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a0232866b45e3ae9f46aeaad41aa5c68

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

msvcr71

Sections

.text Size: 50KB - Virtual size: 49KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 33KB

.rsrc Size: 17KB - Virtual size: 16KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 50KB - Virtual size: 49KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 33KB

.rsrc
Size: 17KB - Virtual size: 16KB

.reloc
Size: 1KB - Virtual size: 1KB