a3df101a8d3e3214dac51c0b176b03cc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a3df101a8d3e3214dac51c0b176b03cc_JaffaCakes118
Size

387KB
MD5

a3df101a8d3e3214dac51c0b176b03cc
SHA1

a9c987f0775b47bb23912b8d9b8e18abe9766fb6
SHA256

6a622e3775b58d9139ed9f8b3939b66280929ae2e512883fee1463afd8eddf66
SHA512

b24212d267f466cd3c47e36bbcf09a973c629c567441a3511d4124585c259e7ea443b27a2eb302a9ce6078bfe476fd6156346b14564d19dc354291b56bee18bf
SSDEEP

6144:JGxHaB0EBomE2UhbRLilWeMwOcrDq6Tt64vub3XR9RoJwoJ:JG4HoD2OFOlW9wZrDq6Ttu3X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3df101a8d3e3214dac51c0b176b03cc_JaffaCakes118

Files

a3df101a8d3e3214dac51c0b176b03cc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8c03cf454379cf9432263cb5e62f8084

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

log

?LogLevel@@3IA

version

VerQueryValueW

user32

SetTimer

advapi32

RegCloseKey

shell32

SHGetFolderPathA

msvcp140

?_BADOFF@std@@3_JB

ws2_32

bind

shlwapi

PathAppendW

netapi32

Netbios

winmm

timeGetTime

vcruntime140

strstr

api-ms-win-crt-heap-l1-1-0

free

api-ms-win-crt-string-l1-1-0

strspn

api-ms-win-crt-runtime-l1-1-0

exit

api-ms-win-crt-stdio-l1-1-0

fputs

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-multibyte-l1-1-0

_mbschr

api-ms-win-crt-filesystem-l1-1-0

_stat64

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-math-l1-1-0

ceil

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

wldap32

ord33

crypt32

CertOpenStore

Sections

.MPRESS1
Size: 185KB - Virtual size: 708KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 197KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8c03cf454379cf9432263cb5e62f8084

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

log

version

user32

advapi32

shell32

msvcp140

ws2_32

shlwapi

netapi32

winmm

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-multibyte-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

wldap32

crypt32

Sections

.MPRESS1 Size: 185KB - Virtual size: 708KB

.MPRESS2 Size: 4KB - Virtual size: 4KB

.rsrc Size: 197KB - Virtual size: 196KB

.MPRESS1
Size: 185KB - Virtual size: 708KB

.MPRESS2
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 197KB - Virtual size: 196KB