0caf8bad4bfd89d420c760fa332ac776_JaffaCakes118

General

Target

0caf8bad4bfd89d420c760fa332ac776_JaffaCakes118
Size

245KB
MD5

0caf8bad4bfd89d420c760fa332ac776
SHA1

be24f28b0ec97293e99c5066bc246f761fecae58
SHA256

d49f7ff42159ce6057c3f6d73bf3cf070288b306fff4619f071eb0f7fd9a114b
SHA512

1dbf6d61b0ce4ca3cf448415213fa7414238e2856531e37af9adda6386ef53a740aaf00e112a5d519fceaaabeebc93ed24dce1bcd443af0dfd12f089c9d84757
SSDEEP

6144:7uX6UnAradtjwWR9mXS8/qUGcMkY28oh1O0CONw:7k6UdDmL/qwMkY28D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0caf8bad4bfd89d420c760fa332ac776_JaffaCakes118

Files

0caf8bad4bfd89d420c760fa332ac776_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c94093c8069879662f5d0814b664a613

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoRegisterSurrogate
StgOpenStorage

advapi32

RegFlushKey
RegSetValueExA
RegOpenKeyExA
RegDeleteKeyA
RegSetValueA
RegReplaceKeyA
RegEnumKeyA
RegOverridePredefKey

kernel32

ResumeThread
PulseEvent
GetPrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileSectionNamesA
WritePrivateProfileSectionA
GetProcAddress
QueryPerformanceCounter
GetStartupInfoA
ReleaseMutex
GetEnvironmentStrings
GetACP
GetLastError
LCMapStringA
CreateSemaphoreA
GetProcessHeap
VirtualAlloc
ReleaseSemaphore
LocalFree
LocalHandle
OpenEventA
GetStdHandle
GetModuleHandleA
CloseHandle

winspool.drv

ClosePrinter
DeletePrinterDataA
ConfigurePortA
AddFormA
DeletePrinter
AbortPrinter
AddPrinterA
AddPrinterConnectionA
ConnectToPrinterDlg
DeletePrinterKeyA

msvcrt

exit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_exit
_XcptFilter

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 210KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c94093c8069879662f5d0814b664a613

Headers

File Characteristics

Imports

ole32

advapi32

kernel32

winspool.drv

msvcrt

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 210KB - Virtual size: 210KB

.data Size: 512B - Virtual size: 329KB

.rsrc Size: 19KB - Virtual size: 19KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 210KB - Virtual size: 210KB

.data
Size: 512B - Virtual size: 329KB

.rsrc
Size: 19KB - Virtual size: 19KB