0cf27a3576b0053976a1c12daabc94a2_JaffaCakes118

General

Target

0cf27a3576b0053976a1c12daabc94a2_JaffaCakes118
Size

207KB
MD5

0cf27a3576b0053976a1c12daabc94a2
SHA1

52e755703d83170365bb0f791ad5774723f301f0
SHA256

2c53ab875422fe5805d692dabd590bd64a4a40ac77262df8ddd8e1446aeaa87c
SHA512

6a19bba83a2c7b3894337a36a01ff7c4894b2d0ab873c9f763e852168bb95992fb8e56c7e2cfcc2f1cc33cdacb32579a99a1f2a026bcbe0aecc12b613546e602
SSDEEP

6144:TfNBQNk/r1u1aMJ8zFpHG8cbbO6b/kvFQuH:hB9MC3DkO6b/sQu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cf27a3576b0053976a1c12daabc94a2_JaffaCakes118

Files

0cf27a3576b0053976a1c12daabc94a2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

07e7552bc6aef75fcf52a2db2cb27304

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
GetVolumeInformationW
TlsAlloc
MapViewOfFile
GetOEMCP
GetCurrentProcess
InterlockedIncrement
VirtualFree
WriteConsoleA
CreateDirectoryA
GlobalHandle
GetCurrentThreadId
GetVersionExA
GetStartupInfoA
GetACP
DuplicateHandle
WaitForSingleObject
InitializeCriticalSection
lstrcmpiW
VirtualAlloc
RtlUnwind
LoadLibraryExW
WriteFile
UnhandledExceptionFilter
InterlockedCompareExchange
GetStdHandle
GetProcAddress
CompareStringW
GetVersionExW
GetCurrentProcessId
EnterCriticalSection
FlushFileBuffers
HeapReAlloc
QueryPerformanceCounter
GetLastError
SetThreadPriority
CreateEventW
ExpandEnvironmentStringsW

user32

RegisterClassA
SendMessageW
RegisterClassExW
OffsetRect
DestroyMenu
UnionRect
CreateWindowExW
RedrawWindow

msvcrt

wcsrchr
??3@YAXPAX@Z
??0exception@@QAE@XZ
__set_app_type
_callnewh
__p__commode
_amsg_exit
exit
wcsncmp
_vsnprintf
_purecall

gdi32

GetBkColor
SelectObject
GetStockObject

opengl32

glRotatef

Sections

.text
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

07e7552bc6aef75fcf52a2db2cb27304

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcrt

gdi32

opengl32

Sections

.text Size: 123KB - Virtual size: 122KB

.rdata Size: 70KB - Virtual size: 69KB

.data Size: 10KB - Virtual size: 147KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 123KB - Virtual size: 122KB

.rdata
Size: 70KB - Virtual size: 69KB

.data
Size: 10KB - Virtual size: 147KB

.rsrc
Size: 2KB - Virtual size: 2KB