64e7e4274636e4e3c6ad12f5a7f874e3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

64e7e4274636e4e3c6ad12f5a7f874e3_JaffaCakes118
Size

260KB
MD5

64e7e4274636e4e3c6ad12f5a7f874e3
SHA1

20e79b8f0b5a100e5a250f2a90710d7cf51c415a
SHA256

d2691b5900eaa4a68f6d3d997473628bc30f2380b06d72f72e334a421663d37b
SHA512

e45108d6076bf5a391fd193d082a9abe907d7221a3b6936f9eb006b69f40cff918f062026738891263c7518344f619be7d1e94da57417e09b087ae830a7bbeb1
SSDEEP

6144:WSw5ITBMBLKfKiBtSbP3iBS9MuyR6TDcSJiuttXlQdnPDr1D9u2xl:WSweTBMBLKfKiBtSbP38S9MuyR63cZuY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64e7e4274636e4e3c6ad12f5a7f874e3_JaffaCakes118

Files

64e7e4274636e4e3c6ad12f5a7f874e3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8bde7fd8ce65c1e9da7d3ee961967d7c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
calloc
_beginthreadex
_strupr
wcscpy
atoi
wcstombs
wcslen
mbstowcs
_access
__setusermatherr
vsprintf
exit
fopen
fwrite
fclose
strrchr
_except_handler3
free
malloc
strncpy
sprintf
puts
strstr
putchar
rand
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_onexit
__dllonexit
_CIpow
strncat
_CIacos
__CxxFrameHandler
??2@YAPAXI@Z
printf
memmove
_ftol
??1type_info@@UAE@XZ
_CxxThrowException
??3@YAXPAX@Z

kernel32

GetTickCount
InterlockedExchange
LocalAlloc
LocalFree
lstrlenW
WideCharToMultiByte
GetStartupInfoA
GetModuleHandleA
GetExitCodeThread
TerminateThread
CreateThread
lstrlenA
MultiByteToWideChar
GetLastError
InterlockedDecrement
CreateFileA
SetFilePointer
GetFileSize
WriteFile
GetCurrentProcessId
FreeLibrary
GetLocalTime
RaiseException
SetEvent
WaitForSingleObject
CloseHandle
Sleep
CreateEventA
LoadLibraryA
GetProcAddress

msvcp60

?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Xran@std@@YAXXZ

ole32

CLSIDFromProgID
CoCreateInstance
OleRun
CoInitialize
CoUninitialize
CLSIDFromString

oleaut32

GetErrorInfo
SetErrorInfo
VariantChangeType
CreateErrorInfo
VariantInit
SysAllocString
SysFreeString
VariantClear

msvfw32

ICSendMessage

Sections

.text
Size: 208KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8bde7fd8ce65c1e9da7d3ee961967d7c

Headers

File Characteristics

Imports

msvcrt

kernel32

msvcp60

ole32

oleaut32

msvfw32

Sections

.text Size: 208KB - Virtual size: 205KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 32KB - Virtual size: 55KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 208KB - Virtual size: 205KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 32KB - Virtual size: 55KB

.rsrc
Size: 4KB - Virtual size: 3KB