0cfa37f9a45d19ef68646844e05cc45f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0cfa37f9a45d19ef68646844e05cc45f_JaffaCakes118
Size

352KB
MD5

0cfa37f9a45d19ef68646844e05cc45f
SHA1

a83073848554d837548b787fbb13b4e10ed042fd
SHA256

e379bdd0df0008a36a9a0a13772b38dbf64a0c4a972a6fd20757b3a8f2f75edd
SHA512

8b310361ea0b197496147323041a9ecc78a9ec1069c16af4ef38c9dc1ff51b3c48805fb2db4fec5fb206ab995ae59cd19ed28dba8a1607efe4068b971d124547
SSDEEP

6144:D+KFXEpjJKVW29kgWVgE2tFgWMI1MWYjR1/xu/cGTm/docyd6muem:D+KFXaQRCmtTxXYjhGTmicyLub

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cfa37f9a45d19ef68646844e05cc45f_JaffaCakes118

Files

0cfa37f9a45d19ef68646844e05cc45f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7c9b2e14aa4976bce3e4ad15af826753

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

SHEnumKeyExA

kernel32

CloseHandle
CompareStringA
OpenEventA
CreateFileMappingA
DeleteAtom
DeleteFileA
DeviceIoControl
DisconnectNamedPipe
GetConsoleMode
GetExitCodeThread
GetModuleFileNameA
GetModuleHandleA
Beep
GetCurrentThreadId
GetThreadLocale
GetUserDefaultLCID
GlobalAlloc
ReleaseMutex
ReleaseSemaphore
ResetEvent
GetStartupInfoA
ReadFile
WriteFile
CreateFileA
ExitProcess
GetComputerNameA
GetCurrentProcessId
GetFileType
CancelIo
CallNamedPipeA
BackupRead
lstrcmpA
lstrlenW
lstrlenA
FlushViewOfFile
GetDriveTypeA
GetWindowsDirectoryA
GetSystemDirectoryW
GetSystemDirectoryA
GetComputerNameW
GetCurrentDirectoryW
GetFileAttributesW
GetBinaryTypeA

user32

ReleaseDC

advapi32

GetUserNameW
GetUserNameA

msvcrt

free
malloc

winmm

GetDriverModuleHandle
DrvGetModuleHandle
timeEndPeriod

Exports

Exports

maps

Sections

.code
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 296KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wdzxp
Size: 4KB - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c9b2e14aa4976bce3e4ad15af826753

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

advapi32

msvcrt

winmm

Exports

Exports

Sections

.code Size: 36KB - Virtual size: 34KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 296KB - Virtual size: 295KB

wdzxp Size: 4KB - Virtual size: 1B

.rsrc Size: 4KB - Virtual size: 760B

.reloc Size: 4KB - Virtual size: 1KB

.code
Size: 36KB - Virtual size: 34KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 296KB - Virtual size: 295KB

wdzxp
Size: 4KB - Virtual size: 1B

.rsrc
Size: 4KB - Virtual size: 760B

.reloc
Size: 4KB - Virtual size: 1KB