14c9067c988f969aa35860d4d7ed84b5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

14c9067c988f969aa35860d4d7ed84b5_JaffaCakes118
Size

280KB
MD5

14c9067c988f969aa35860d4d7ed84b5
SHA1

9af6f70992e6d38d4051faeafdb7bd3edfd0ea03
SHA256

9847168c3677d23cd89ccae4fbf27373644a6dec73cdcfc89572f1a2733c6340
SHA512

e7dab982f59fa73fb732661fae9ac2cadbbb58c86d7dcbd8a5ca2312aa2c5aec8df8d43fea706936fb2933717f83794a6d64d7a95c4cacf8228fe20add497ef4
SSDEEP

6144:Kj8GJiTIoD7D1q7J4x3atugUyhhvaHrV6uZaa/UVDZG8yTc9IXDDapx2oOpdTEGx:KjYJq7J4x3aogUyhF8r8caa/UDG8yTQu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14c9067c988f969aa35860d4d7ed84b5_JaffaCakes118

Files

14c9067c988f969aa35860d4d7ed84b5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d5786d53baa89d938fabfecdd608906d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
InterlockedIncrement
GetModuleHandleA
GetStartupInfoA

pk79

ord6692
ord2224
ord9599
ord1679
ord5338
ord6439
ord5656
ord8535
ord5364
ord9456
ord9804
ord7171
ord5319
ord4796
ord3161
ord9992
ord8119
ord3695
ord1870
ord6436
ord10011
ord1844
ord6326
ord136
ord5645
ord3027
ord8453
ord4416
ord5917
ord9776
ord3717
ord2511
ord5592
ord9241
ord3428
ord2900
ord3321
ord7077
ord8029
ord3872
ord9572
ord4649
ord5956
ord3565
ord4744
ord482
ord10104
ord2947
ord395
ord9666
ord1333
ord2138
ord3026
ord5981
ord955
ord6415
ord8205
ord332
ord2714
ord138
ord8854
ord5320
ord5249
ord7154
ord7251
ord8616
ord8671
ord2636
ord981
ord873
ord8136
ord4148
ord4772
ord4552
ord3426
ord781
ord3393
ord3969
ord9342
ord9072
ord341
ord8466
ord5624
ord8017
ord7458
ord9638
ord680
ord8968
ord7416
ord546
ord2760
ord3370
ord5012
ord8700
ord2929
ord1883
ord9439
ord3764
ord1748
ord1929
ord3964
ord918
ord7761
ord6209
ord83
ord6499
ord9626
ord734
ord740
ord2944
ord8876
ord7955
ord8850
ord2861
ord5700
ord8753
ord1111
ord7584
ord8733
ord7175
ord4908
ord8447
ord9118
ord4041
ord4052
ord2853
ord2950
ord7657
ord4587
ord1484
ord7226
ord5343
ord2531
ord6863
ord6375
ord1776
ord4569
ord8911
ord7259
ord7776
ord1270
ord5495
ord7696
ord439
ord9506
ord8561
ord9190
ord8162
ord6245
ord1109
ord4425
ord584
ord435
ord2620
ord2404
ord4633
ord9220
ord7257
ord9370
ord5632
ord1585
ord274
ord4232
ord9089
ord681
ord8715
ord3396
ord896
ord6078
ord3062
ord3465
ord6204
ord3173
ord6275
ord791
ord5047
ord2164
ord1756
ord4882
ord2983
ord3508
ord6075
ord3066
ord9427
ord9589
ord8716
ord4868
ord8667
ord8265
ord2476
ord7786
ord3150
ord2700
ord8884
ord5674
ord892
ord783
ord4580
ord9237
ord4348
ord219
ord7873
ord4928
ord6332
ord4664
ord7938
ord8720
ord9579
ord1898
ord2642
ord1708
ord8653
ord2072
ord7043
ord2266
ord4256
ord2195
ord7466
ord7563
ord1575
ord6127
ord8750
ord2858
ord10072
ord1404
ord8420
ord9348
ord9447
ord4604
ord8013
ord3283
ord773
ord9508
ord7514
ord4887
ord1872
ord10031
ord764
ord3511
ord1795
ord2797
ord379
ord3065
ord8900
ord4332
ord1158
ord9391
ord3913
ord2324
ord999
ord4053
ord2133
ord576
ord2523
ord8627
ord9246
ord5784
ord7017
ord6161

msvcr71

_controlfp
__dllonexit
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
??1type_info@@UAE@XZ
_except_handler3
?terminate@@YAXXZ
__CxxLongjmpUnwind
_setjmp3
_CxxThrowException
??2@YAPAXI@Z
memcpy
memcmp
memset
_purecall
strlen
__CxxFrameHandler
??3@YAXPAX@Z
_onexit

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

CONST
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

xdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_BSS
Size: - Virtual size: 128B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_DATA
Size: 4KB - Virtual size: 460B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d5786d53baa89d938fabfecdd608906d

Headers

File Characteristics

Imports

kernel32

pk79

msvcr71

Sections

.text Size: 80KB - Virtual size: 79KB

CONST Size: 4KB - Virtual size: 1KB

_TEXT Size: 124KB - Virtual size: 120KB

xdata Size: 8KB - Virtual size: 4KB

text Size: 8KB - Virtual size: 4KB

_BSS Size: - Virtual size: 128B

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 1KB

_DATA Size: 4KB - Virtual size: 460B

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 80KB - Virtual size: 79KB

CONST
Size: 4KB - Virtual size: 1KB

_TEXT
Size: 124KB - Virtual size: 120KB

xdata
Size: 8KB - Virtual size: 4KB

text
Size: 8KB - Virtual size: 4KB

_BSS
Size: - Virtual size: 128B

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 1KB

_DATA
Size: 4KB - Virtual size: 460B

.rsrc
Size: 28KB - Virtual size: 27KB