197c02bd12672ca49fa8eccc14204cae_JaffaCakes118

General

Target

197c02bd12672ca49fa8eccc14204cae_JaffaCakes118
Size

168KB
MD5

197c02bd12672ca49fa8eccc14204cae
SHA1

5fcd16f9c004822fe3ef61929b7af599efc5a294
SHA256

bb6f36b57beca2b4769b864ed661db071889a772b2d41b045dd670b23623874d
SHA512

d98a7195ec74b8efbd320282b33aa258c30092bdd98a047649dc84436acc45648fd9844d8f715f9194c28b27ac7b357cd8182e09a61a9a482d821e6337d46169
SSDEEP

3072:4HxpCoJjm9vNspA/iijaer+KfXIxw2TzIdlebAdNBMAzDjyp:uCoJjssKWeyKIxHTzCAAdNKAz/w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
197c02bd12672ca49fa8eccc14204cae_JaffaCakes118

Files

197c02bd12672ca49fa8eccc14204cae_JaffaCakes118
.exe windows:5 windows x86 arch:x86

11b156bdfcfb950c310119bc9c3337a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
GetPrivateProfileIntA
OpenSemaphoreA
OpenMutexA
SetFileAttributesA
LoadLibraryExW
UpdateResourceA
ReadConsoleInputA
QueryInformationJobObject
GetPriorityClass
GetCommState
Heap32ListFirst
GetThreadSelectorEntry
GetTempPathA
ReadFileEx
GetConsoleTitleA
LoadResource
SetProcessPriorityBoost
CreateThread
LZCloseFile
ExitProcess
WritePrivateProfileStructA
CreateMutexA
TransmitCommChar
HeapFree
HeapUnlock
SetConsoleCursorInfo
LockFile
GetEnvironmentStringsA
GetCurrentProcess
GlobalGetAtomNameA
GetVolumePathNameA
HeapSummary
VirtualAlloc
lstrcpynA
GetExitCodeProcess
lstrlenA
BuildCommDCBAndTimeoutsA
FreeConsole
GetDateFormatA
LZCopy
EnumResourceTypesA
GetProcessPriorityBoost
Module32Next
SetLastConsoleEventActive
AssignProcessToJobObject
SetLocalPrimaryComputerNameA
SetProcessWorkingSetSize
ResetEvent
GlobalHandle
FillConsoleOutputAttribute
SetSystemTime
AddConsoleAliasA
ExpungeConsoleCommandHistoryA

dplayx

DirectPlayCreate

odbc32

SQLGetDescField

Sections

.rdata
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.itext
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

11b156bdfcfb950c310119bc9c3337a7

Headers

File Characteristics

Imports

kernel32

dplayx

odbc32

Sections

.rdata Size: 153KB - Virtual size: 152KB

.itext Size: 12KB - Virtual size: 11KB

.rsrc Size: 2KB - Virtual size: 1KB

.rdata
Size: 153KB - Virtual size: 152KB

.itext
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 2KB - Virtual size: 1KB