Static task
static1
Behavioral task
behavioral1
Sample
0920df1fb66986ddc47f40dbb52f21db_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
0920df1fb66986ddc47f40dbb52f21db_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
Target
0920df1fb66986ddc47f40dbb52f21db_JaffaCakes118
Size
998KB
MD5
0920df1fb66986ddc47f40dbb52f21db
SHA1
c5a633adccc9faa06d0559c1d5e0184e3c9817b2
SHA256
3d392630778d77c5419a5a46f3e3f8fc074f8db924c7b00a79a479e86a4be263
SHA512
e43f58301d1ea67afb9c4f81903a5ea3292e71c575a78d025151695f94acf471e3ce28aaf861e544224b70ac2e8e410cdd8add1dc9fc45d469ff84b5918b3f4b
SSDEEP
12288:QArEFX2wJYCYYc+ruZUMLdOE5jrCUX2UiUhvtGENlyMib93MkEK3fjVRZAZhRw5x:8X2gAG4rpiqLyB9jVRqWAwSb5R8r
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0920df1fb66986ddc47f40dbb52f21db_JaffaCakes118
Files
0920df1fb66986ddc47f40dbb52f21db_JaffaCakes118.exe windows:5 windows x86 arch:x86
009ed71c9c5382fba6d938593013d0a5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
imagehlp
ImageGetDigestStream
ImageDirectoryEntryToData
ImageNtHeader
ImageRvaToVa
kernel32
FreeLibrary
GetLocaleInfoA
RemoveDirectoryA
FindClose
GetOEMCP
ReadFile
GetModuleHandleW
EndUpdateResourceW
LoadLibraryExA
GetSystemDirectoryA
InterlockedCompareExchange
InterlockedDecrement
CopyFileA
GetEnvironmentVariableA
FreeResource
GetACP
GetVersion
GlobalFree
BeginUpdateResourceW
GetFullPathNameW
DebugBreak
LocalFree
FindNextFileW
InterlockedExchange
RemoveDirectoryW
ExitProcess
lstrlenA
GetFileAttributesA
RaiseException
lstrcmpiA
UpdateResourceW
CloseHandle
GetFullPathNameA
SetFilePointer
IsDebuggerPresent
GetFileAttributesW
GetVersionExW
GetThreadLocale
OutputDebugStringA
GetFileInformationByHandle
GlobalAlloc
CopyFileW
lstrlenW
LoadLibraryExW
lstrcpyA
InterlockedIncrement
WideCharToMultiByte
user32
wsprintfW
CharNextW
CharNextA
ole32
CoUninitialize
CoCreateInstance
CLSIDFromString
CoInitialize
StringFromCLSID
StringFromIID
CoTaskMemFree
msvfw32
ICGetInfo
ICRemove
msvcrt
_initterm
__winitenv
vwprintf
strchr
atoi
wcsrchr
_onexit
_iob
__wgetmainargs
qsort
exit
__p__commode
_exit
?terminate@@YAXXZ
_XcptFilter
??1type_info@@UAE@XZ
_except_handler3
_wcsnicmp
__CxxFrameHandler
_purecall
??2@YAPAXI@Z
__setusermatherr
_cexit
free
_adjust_fdiv
_controlfp
_snprintf
_itoa
strncmp
__dllonexit
??3@YAXPAX@Z
_itow
wcsstr
_c_exit
fputs
realloc
wcslen
_CxxThrowException
__p__fmode
_vsnprintf
_snwprintf
_wcsicmp
memset
_vsnwprintf
__set_app_type
_wcslwr
iswspace
shell32
CommandLineToArgvW
Sections
.text Size: 706KB - Virtual size: 705KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 251KB - Virtual size: 250KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 37KB - Virtual size: 3.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ