0cc57e32bd0150e8f053d8bb8418a716_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0cc57e32bd0150e8f053d8bb8418a716_JaffaCakes118
Size

176KB
MD5

0cc57e32bd0150e8f053d8bb8418a716
SHA1

accf75ba06fac545965528cfb51171ad29679860
SHA256

b3e11e58b795f90e847e794c7af846a5e41c952bbc4a434fab4688918ae02a21
SHA512

e8e2821cf316d3a02580a0b167d8154f0e0c263006e6c06cf29f61a9e5b4222c3b8063705f9745a46e23db81006d55a302e57da74f6153d0aef9c330eab82d06
SSDEEP

3072:aRvLffFEyoEPIZWfvOyY431gSYsXnEMd8xg9XkfIgMqr7J3:4zdEpEPIZID1gQd8xgiI9qr7B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cc57e32bd0150e8f053d8bb8418a716_JaffaCakes118

Files

0cc57e32bd0150e8f053d8bb8418a716_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e828bf32ba8694129b73c5b7be92df74

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcessHeap
SetHandleCount
GetCommandLineA
SetLastError
ExitProcess
GetThreadLocale
SetErrorMode
VirtualAlloc
GetACP

user32

GetWindow
GetParent
GetMenuItemCount
GetDC
GetCursor
GetClipboardData
DrawMenuBar
GetMenu
wsprintfA
IsWindowVisible

gdi32

GetTextAlign
GetDIBits

Exports

Exports

_D
EFM@4
c57@12
_3mT@24
te@24
Pvp
_uXV@24
lPJ@24
_wG
_k@20
q@24
_x
_5d@24
6m@16
_K@8
_F@8
_wR
1@24

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 1024B - Virtual size: 955B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 634B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

tls
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bbs
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e828bf32ba8694129b73c5b7be92df74

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.data Size: 138KB - Virtual size: 169KB

BSS Size: 1024B - Virtual size: 955B

.idata Size: 1024B - Virtual size: 634B

tls Size: 512B - Virtual size: 96B

.rdata Size: 512B - Virtual size: 24B

.bbs Size: 2KB - Virtual size: 1KB

.edata Size: 512B - Virtual size: 344B

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 16KB - Virtual size: 15KB

.data
Size: 138KB - Virtual size: 169KB

BSS
Size: 1024B - Virtual size: 955B

.idata
Size: 1024B - Virtual size: 634B

tls
Size: 512B - Virtual size: 96B

.rdata
Size: 512B - Virtual size: 24B

.bbs
Size: 2KB - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 344B

.rsrc
Size: 15KB - Virtual size: 15KB