686b76b84d48892d33878d7b24675648_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

686b76b84d48892d33878d7b24675648_JaffaCakes118
Size

110KB
MD5

686b76b84d48892d33878d7b24675648
SHA1

c9a962cb49e7550b09d4a45556d38a5ca4d66a21
SHA256

b0ec39511d9c72b9cb916cfae43f356be9b0149a5e943c950f727a296d541bb8
SHA512

a74f0fefe9889f0cf6aea2bad2754d8c97dc1dd9fb39daae51b371429951244a0e84752c2656f08c6150040f3959fc9ff37b2fecba910d0f74fb1bf628dd3c87
SSDEEP

1536:HsfT3GwcZatV1jZGcIy0IeFk8k2b4mwTQ8B+z4rSLZs8RNhLp6dZQgVpoADII:Mb3GwcZarTl8k2b0/mhMd+gzoAcI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
686b76b84d48892d33878d7b24675648_JaffaCakes118

Files

686b76b84d48892d33878d7b24675648_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5f7e150cfb55e8506b20ac4e540a237f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileW
FindClose
FindFirstFileW
FindNextFileW
GetModuleHandleA
GetProcAddress
GetTickCount
HeapAlloc
HeapFree
HeapReAlloc
IsBadStringPtrW
WriteFile
lstrcmpW

msi

MsiCloseHandle
MsiCreateRecord
MsiDatabaseCommit
MsiDatabaseExportW
MsiDatabaseImportW
MsiDatabaseOpenViewW
MsiOpenDatabaseW
MsiRecordGetStringW
MsiRecordReadStream
MsiRecordSetStreamW
MsiRecordSetStringW
MsiViewClose
MsiViewExecute
MsiViewFetch

shlwapi

PathAddBackslashW
PathFindExtensionW

ucrtbase

__acrt_iob_func
__p___argc
__p___wargv
__stdio_common_vsprintf
__stdio_common_vswprintf
_configure_wide_argv
_get_initial_wide_environment
_initialize_wide_environment
_set_app_type
_strdup
exit
free
fwrite
getenv
memcmp
memmove
strchr
strcmp
strcpy
strcspn
strlen
wcsrchr
wcsstr

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 160B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 4KB - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 4KB - Virtual size: 343B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f7e150cfb55e8506b20ac4e540a237f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msi

shlwapi

ucrtbase

Sections

.text Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 56B

.rdata Size: 4KB - Virtual size: 2KB

.bss Size: - Virtual size: 160B

.idata Size: 4KB - Virtual size: 1KB

/4 Size: 4KB - Virtual size: 128B

/19 Size: 32KB - Virtual size: 31KB

/31 Size: 4KB - Virtual size: 2KB

/45 Size: 8KB - Virtual size: 7KB

/57 Size: 4KB - Virtual size: 1KB

/70 Size: 4KB - Virtual size: 343B

/81 Size: 8KB - Virtual size: 7KB

.text
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 56B

.rdata
Size: 4KB - Virtual size: 2KB

.bss
Size: - Virtual size: 160B

.idata
Size: 4KB - Virtual size: 1KB

/4
Size: 4KB - Virtual size: 128B

/19
Size: 32KB - Virtual size: 31KB

/31
Size: 4KB - Virtual size: 2KB

/45
Size: 8KB - Virtual size: 7KB

/57
Size: 4KB - Virtual size: 1KB

/70
Size: 4KB - Virtual size: 343B

/81
Size: 8KB - Virtual size: 7KB