0c4355e5c0056708d37af7675030d08f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0c4355e5c0056708d37af7675030d08f_JaffaCakes118
Size

254KB
MD5

0c4355e5c0056708d37af7675030d08f
SHA1

8dfd0ac5da798921cf63a0644f7e18a3ed3c442b
SHA256

96f80b7a58c6cbd7abdbd986ae3afcadb983b5fa1e59dc249f91ce588201a205
SHA512

134a312bf875f912df750c5b69d25a4bc0f6ef7ab78a11bd214734f4aa99c8c8e5102844da385b466f6dbb7bbd26ca3f525eb73b496c5170e7b723e9b91b45bf
SSDEEP

6144:pMDzfNmz6rIPGk0gFdJvbizOz8mg+es9ejK8FU:pwzfNu3Ok0gFdJGzc8LDaejzU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c4355e5c0056708d37af7675030d08f_JaffaCakes118

Files

0c4355e5c0056708d37af7675030d08f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d614fe385b3a3f084955c5937ddbff2a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFileInfoA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

user32

LockWindowUpdate
SetFocus
EnumThreadWindows
DrawIconEx
PostMessageA
GetSystemMetrics
DestroyIcon
LoadIconA

kernel32

FormatMessageA
FreeLibrary
FileTimeToSystemTime
GetCommandLineW
SystemTimeToTzSpecificLocalTime
GetSystemDirectoryA
lstrcmpiA
WideCharToMultiByte
HeapAlloc
GetProcessHeap
GetWindowsDirectoryA
OutputDebugStringA
DeleteCriticalSection
SetLastError
LoadLibraryExA
GetTimeZoneInformation
GetModuleHandleA
HeapFree
GetCurrentThreadId
CloseHandle
LocalFree
LoadLibraryW
VirtualAllocEx

advapi32

FreeSid
OpenProcessToken
RegOpenKeyExA
GetTokenInformation
AllocateAndInitializeSid
EqualSid
RegCloseKey
RegQueryValueExA

comdlg32

GetOpenFileNameW

oleaut32

SysFreeString
SysAllocStringLen

ole32

CoInitialize
CoCreateInstance
CoUninitialize

wsock32

inet_addr
ioctlsocket

winspool.drv

OpenPrinterW
AddJobW
DeviceMode
AddMonitorW
WritePrinter
PerfClose
DocumentPropertiesA
SetFormW
ConfigurePortW
EnumPrintProcessorDatatypesW
StartDocDlgA
EndDocPrinter
AddJobA

getuname

GetUName

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.epGy
Size: 512B - Virtual size: 343B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ZOQgL
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.klbLD
Size: 512B - Virtual size: 213B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gAwv
Size: 512B - Virtual size: 346B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oVbmdu
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.exyIC
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.DACOLr
Size: 106KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 111KB - Virtual size: 622KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nUNksu
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.otvWDN
Size: 1024B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ikIbk
Size: 512B - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yurLJo
Size: 512B - Virtual size: 388B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d614fe385b3a3f084955c5937ddbff2a

Headers

DLL Characteristics

File Characteristics

Imports

shell32

version

user32

kernel32

advapi32

comdlg32

oleaut32

ole32

wsock32

winspool.drv

getuname

Sections

.text Size: 18KB - Virtual size: 17KB

.epGy Size: 512B - Virtual size: 343B

.ZOQgL Size: 2KB - Virtual size: 1KB

.klbLD Size: 512B - Virtual size: 213B

.gAwv Size: 512B - Virtual size: 346B

.rdata Size: 2KB - Virtual size: 2KB

.oVbmdu Size: 2KB - Virtual size: 2KB

.exyIC Size: 1KB - Virtual size: 1KB

.DACOLr Size: 106KB - Virtual size: 312KB

.data Size: 111KB - Virtual size: 622KB

.rsrc Size: 3KB - Virtual size: 2KB

.nUNksu Size: 3KB - Virtual size: 2KB

.otvWDN Size: 1024B - Virtual size: 536B

.ikIbk Size: 512B - Virtual size: 344B

.yurLJo Size: 512B - Virtual size: 388B

.text
Size: 18KB - Virtual size: 17KB

.epGy
Size: 512B - Virtual size: 343B

.ZOQgL
Size: 2KB - Virtual size: 1KB

.klbLD
Size: 512B - Virtual size: 213B

.gAwv
Size: 512B - Virtual size: 346B

.rdata
Size: 2KB - Virtual size: 2KB

.oVbmdu
Size: 2KB - Virtual size: 2KB

.exyIC
Size: 1KB - Virtual size: 1KB

.DACOLr
Size: 106KB - Virtual size: 312KB

.data
Size: 111KB - Virtual size: 622KB

.rsrc
Size: 3KB - Virtual size: 2KB

.nUNksu
Size: 3KB - Virtual size: 2KB

.otvWDN
Size: 1024B - Virtual size: 536B

.ikIbk
Size: 512B - Virtual size: 344B

.yurLJo
Size: 512B - Virtual size: 388B