082c0c2de6d4969f9e47cb33e8b08d37_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

082c0c2de6d4969f9e47cb33e8b08d37_JaffaCakes118
Size

172KB
MD5

082c0c2de6d4969f9e47cb33e8b08d37
SHA1

c9e9fbab474705e85248f4e5e871400e33520ef0
SHA256

698c4baf461fb46f488d529735e05240ff5b564413edb2727b732957f403e057
SHA512

a7a3aec6119d8635dae6a26f35f100cf3e9928c28de6b252646c44aee27969333f3b3387790aac7762940d1dba6e0a33afa75661743739cb685dc3048537d1d5
SSDEEP

3072:3vn6WXuG1xcg7i2zhSOWOUlguF54uOzbcagWPlI3wPbjfuL+:CWJcg7/lSbOdCWHbkWe0u6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
082c0c2de6d4969f9e47cb33e8b08d37_JaffaCakes118

Files

082c0c2de6d4969f9e47cb33e8b08d37_JaffaCakes118
.exe windows:4 windows x86 arch:x86

676812760256501fa8f66cef0a31dba3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
InitializeCriticalSection
FindClose
FindFirstFileA
LocalFree
LocalAlloc
lstrlenA
FormatMessageA
GetFileAttributesA
InterlockedIncrement
lstrlenW
FlushInstructionCache
GetCurrentProcess
InterlockedDecrement
LeaveCriticalSection
EnterCriticalSection
GetLocaleInfoW
ReadFile
SetStdHandle
LoadLibraryA
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
CloseHandle
Sleep
InterlockedExchange
DeleteCriticalSection
WideCharToMultiByte
MultiByteToWideChar
GetLastError
RtlUnwind
GetFullPathNameA
RaiseException
GetModuleHandleA
GetStartupInfoA
GetVersion
ExitProcess
HeapFree
HeapAlloc
HeapReAlloc
LCMapStringA
LCMapStringW
GetCPInfo
GetACP
GetOEMCP
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
TerminateProcess
HeapSize
GetCurrentDirectoryA
GetDriveTypeA
SetUnhandledExceptionFilter
GetProcAddress
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
IsBadWritePtr
SetFilePointer
FlushFileBuffers

user32

GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
MessageBoxA
PostQuitMessage

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

LoadRegTypeLi
SysStringLen
DispCallFunc
VariantClear
SysFreeString
GetErrorInfo
SysAllocString

Sections

.text
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.erdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

676812760256501fa8f66cef0a31dba3

Headers

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

Sections

.text Size: 104KB - Virtual size: 100KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 24KB - Virtual size: 27KB

.rsrc Size: 4KB - Virtual size: 1KB

.erdata Size: 20KB - Virtual size: 20KB

.text
Size: 104KB - Virtual size: 100KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 24KB - Virtual size: 27KB

.rsrc
Size: 4KB - Virtual size: 1KB

.erdata
Size: 20KB - Virtual size: 20KB