fecd09b46f085c25cf89101aa75938c8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fecd09b46f085c25cf89101aa75938c8_JaffaCakes118
Size

83KB
MD5

fecd09b46f085c25cf89101aa75938c8
SHA1

8c171e4a943f1af46426e21004908fa52594aa57
SHA256

385ef55590587564c665326dfbc7162fe14d6edd1a384cd2a6e35358799199ef
SHA512

84d727fc776820ad566f549efc10628dc505c5651111db65f404f9052125fe626fdbca489a0444764e4be6f1805d19ff048fc137398f45cee20e6404d0cbbc4a
SSDEEP

1536:NDcmKcJbFDfdu/SiS4OG3r4w4SbcmglYiPZY+j8/UFmIFVPi/ehZiEHxpQM8Lo:NomRFDY/mJir4w/bHgCuY+j8/UWqryo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fecd09b46f085c25cf89101aa75938c8_JaffaCakes118

Files

fecd09b46f085c25cf89101aa75938c8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

53ea88bb55a5b0b6b8d2473ef3666076

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstVolumeW
ChangeTimerQueueTimer
LoadLibraryA
Module32Next
GetNamedPipeHandleStateA
lstrcpynW
SetConsoleNumberOfCommandsA
SetCurrentDirectoryA
lstrlenA
AddConsoleAliasA
QueryDepthSList
GetLongPathNameA
GetProcessId
BuildCommDCBAndTimeoutsW
GetProcessVersion
HeapQueryInformation
FreeResource
VirtualAlloc

msvcp60

?round_error@?$numeric_limits@O@std@@SAOXZ
?_Nanv@?$_Ctr@N@std@@SANN@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGIABV?$allocator@G@1@@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBC@Z
?_Init@?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEXPBDIH@Z
??_7domain_error@std@@6B@
??0?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
?_Getno@_Locinfo@std@@QBEPBDXZ
??0?$ctype@D@std@@QAE@PBF_NI@Z
??Dstd@@YA?AV?$complex@M@0@ABMABV10@@Z
?_Getcat@?$codecvt@GDH@std@@SAIXZ
??Hstd@@YA?AV?$complex@O@0@ABV10@ABO@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADPAD0@Z
?pow@std@@YA?AV?$complex@M@1@ABV21@ABM@Z

msvcrt20

strerror
fgets
_rotr
strtoul
_CIfmod
??5istream@@QAEAAV0@PAE@Z
?overflow@stdiobuf@@UAEHH@Z
_heapchk
?x_lockc@ios@@0U_RTL_CRITICAL_SECTION@@A
_wcsset
tan
__p__commode
??_Gifstream@@UAEPAXI@Z
?seekg@istream@@QAEAAV1@JW4seek_dir@ios@@@Z
?gbump@streambuf@@IAEXH@Z
?attach@ifstream@@QAEXH@Z
_controlfp
??0ostream@@QAE@PAVstreambuf@@@Z
?sgetn@streambuf@@QAEHPADH@Z
??0ostrstream@@QAE@XZ
?sync@filebuf@@UAEHXZ
?binary@filebuf@@2HB
?seekg@istream@@QAEAAV1@J@Z
?_query_new_mode@@YAHXZ
?ws@@YAAAVistream@@AAV1@@Z
_tcsnset
_wmktemp
?gptr@streambuf@@IBEPADXZ

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

53ea88bb55a5b0b6b8d2473ef3666076

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcp60

msvcrt20

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 19KB - Virtual size: 26KB

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 512B - Virtual size: 284B

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 19KB - Virtual size: 26KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 512B - Virtual size: 284B