0c573e67ce8395b8c30b24c04a9722eb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0c573e67ce8395b8c30b24c04a9722eb_JaffaCakes118
Size

3.4MB
MD5

0c573e67ce8395b8c30b24c04a9722eb
SHA1

61178d619126ef9b9eb3b6d831efd1f6fbee7b04
SHA256

1cc1c72eec5cdc5ed940e8e904dedcb21c69f5c2360c2c667785a52cdc8aa6a6
SHA512

15979115657adc0f4339129e078cba8475e5f08fd8d134a56bc2a0f4ec7b72386051073717a15529ef32b30b54f3132f1882d9c570e2091307aba0e1d74a9559
SSDEEP

49152:4AeBakD40DzdWouErmeoDYULO2olTbvZBepfVZDkt6kn2H8lrwNrbj+7qQxa:4AOo+r+S20bDeVIwYY1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c573e67ce8395b8c30b24c04a9722eb_JaffaCakes118

Files

0c573e67ce8395b8c30b24c04a9722eb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

422b676d28dee2810d804ef7b92c3d18

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateWindowExA
GetDC
UpdateWindow
GetSystemMetrics
BeginDeferWindowPos
DestroyWindow
DrawTextExW

kernel32

GetCommandLineA
GetModuleFileNameA
GetNumberOfConsoleInputEvents
GetModuleHandleW
OutputDebugStringA
FileTimeToSystemTime
GetCurrentThread
GetCurrentThreadId
GetEnvironmentVariableA
GetVersion
GetTickCount
GetCurrentProcess
GetACP
GetCurrentProcessId
Sleep
ExitProcess
SetThreadPriority
GetLastError
OpenProcess
FillConsoleOutputAttribute
GetProcessHeap
GetModuleHandleA
_hwrite
VirtualAlloc
GetCommandLineW

msvcrt

__setusermatherr
rand
bsearch
_lock
_access
_wfopen
_onexit
_ltoa
_dup
__p__osver
time
?_set_new_mode@@YAHH@Z
fopen
__p__iob
_mbsspnp
_mbsninc

dciman32

DCICreatePrimary
DCICloseProvider
DCIBeginAccess
DCIDestroy
DCIOpenProvider
DCIEndAccess

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textbs
Size: 512B - Virtual size: 547KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.orpc
Size: 1.6MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 1.8MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

422b676d28dee2810d804ef7b92c3d18

Headers

File Characteristics

Imports

user32

kernel32

msvcrt

dciman32

Sections

.text Size: 5KB - Virtual size: 4KB

.textbs Size: 512B - Virtual size: 547KB

.orpc Size: 1.6MB - Virtual size: 2.5MB

.CRT Size: 1.8MB - Virtual size: 2.9MB

.tls Size: - Virtual size: 2KB

.edata Size: 512B - Virtual size: 24B

.rsrc Size: 19KB - Virtual size: 19KB

.text
Size: 5KB - Virtual size: 4KB

.textbs
Size: 512B - Virtual size: 547KB

.orpc
Size: 1.6MB - Virtual size: 2.5MB

.CRT
Size: 1.8MB - Virtual size: 2.9MB

.tls
Size: - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 24B

.rsrc
Size: 19KB - Virtual size: 19KB