9896fb8b0eb1651dfb2fb3df9d6f548b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9896fb8b0eb1651dfb2fb3df9d6f548b_JaffaCakes118
Size

1.0MB
MD5

9896fb8b0eb1651dfb2fb3df9d6f548b
SHA1

cff36b0ae3105bdcfe655d4c2b634db579436c1d
SHA256

bcf30a8940764195496fd62140eb3368cc6f481ce2bdea9ec28856a557c605ed
SHA512

0d1bb7d51ee6c6bd8bdce2a0a6b8e8eb05144749e71b3e5d6a54038bfb23b2fe5dfbb0466b19c70ca6a4461a07e32b26acebcc7fbd2a7ad1357d3b1b732a81a5
SSDEEP

24576:QJr/BQ7Oq2LuC1xx7NxudD6xyIgKDTrWpDshQaVN/apm3s20:oi7w9juJH+WpAJV0pma

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9896fb8b0eb1651dfb2fb3df9d6f548b_JaffaCakes118

Files

9896fb8b0eb1651dfb2fb3df9d6f548b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

90f165b3d89b433da3c4fd587a800cf3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetVersion
GlobalAlloc
GlobalUnlock
VirtualAlloc
HeapFree
GetCurrentThreadId
GetLastError
InitializeCriticalSectionAndSpinCount
LoadResource
CloseHandle
GetSystemTimeAsFileTime
FileTimeToSystemTime
GetCommandLineW
FindResourceW
GetModuleHandleA
GetStartupInfoA

msvcrt

_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__getmainargs
_except_handler3
_controlfp
_XcptFilter
_exit
_acmdln
__set_app_type
exit

oleaut32

SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetLBound
SafeArrayPutElement
VariantClear
VariantCopyInd
VarR8FromStr
VarDateFromStr
VarCyFromStr
VarBstrFromDate
VarBstrFromBool
VarNeg
VarNot
GetErrorInfo
CreateErrorInfo
SysAllocStringLen
SysFreeString
SysStringLen
SafeArrayGetUBound
SafeArrayGetElement

psapi

EnumDeviceDrivers
GetProcessImageFileNameW

mpr

WNetGetConnectionW
WNetOpenEnumW

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 7.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.482m
Size: 469KB - Virtual size: 469KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tebcg
Size: 522KB - Virtual size: 521KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90f165b3d89b433da3c4fd587a800cf3

Headers

File Characteristics

Imports

kernel32

msvcrt

oleaut32

psapi

mpr

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 7.2MB

.482m Size: 469KB - Virtual size: 469KB

.tebcg Size: 522KB - Virtual size: 521KB

.rsrc Size: 9KB - Virtual size: 10KB

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 7.2MB

.482m
Size: 469KB - Virtual size: 469KB

.tebcg
Size: 522KB - Virtual size: 521KB

.rsrc
Size: 9KB - Virtual size: 10KB