19c988f797d370ecb173569d0abe31af_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

19c988f797d370ecb173569d0abe31af_JaffaCakes118
Size

96KB
MD5

19c988f797d370ecb173569d0abe31af
SHA1

bc4e3a89591d103c5e6e282b656c2b863480ff67
SHA256

c843782277f86d4e3bbd21123bd7ff9082fbf95d022df0e7b27dccb6c7f51e20
SHA512

0d589cf6accdc2958100347e76f668162a5ab772d32718ceb6dec7a57261de06dce4697dd8e03fca7b495cd26aa3cbbc42a9d2b366fe670528ecbc2b5881f10c
SSDEEP

1536:2+wdrUyDIR6BzCp6ZHAScQDKk0d5kB5v:2+w1UAzCUZgScQz0dKD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19c988f797d370ecb173569d0abe31af_JaffaCakes118

Files

19c988f797d370ecb173569d0abe31af_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7267e8cc08fd1b6f5ed6db570b263823

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5307
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord4698
ord5289
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord4160
ord5302
ord4079
ord2725
ord2396
ord5300
ord3346
ord3922
ord5199
ord1089
ord2554
ord5731
ord2512
ord4274
ord4486
ord6375
ord825
ord4673
ord823
ord858
ord5683
ord4129
ord2915
ord2818
ord540
ord2976
ord3830
ord800
ord860
ord6662
ord354
ord3663
ord2393
ord5450
ord5440
ord6383
ord537
ord3258
ord1265
ord2233
ord1799
ord2727
ord6467
ord2730
ord2729
ord3353
ord654
ord772
ord610
ord801
ord614
ord341
ord500
ord287
ord541
ord290
ord4003
ord538
ord5603
ord5606
ord5602
ord5608
ord5858
ord5860
ord6883
ord5857
ord5861
ord939
ord6140
ord6142
ord6139
ord6143
ord3981
ord3986
ord6781
ord3979
ord4226
ord446
ord743
ord3127
ord3616
ord5651
ord3126
ord3613
ord350
ord3579
ord5572
ord535
ord6394
ord1168
ord1576

msvcrt

strlen
sprintf
memcpy
memmove
??1type_info@@UAE@XZ
_mbscmp
_setmbcp
_adjust_fdiv
_XcptFilter
_exit
__setusermatherr
_initterm
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
memset
exit
__getmainargs
_acmdln
__CxxFrameHandler
_onexit
__dllonexit

kernel32

DeleteFileA
GetTempPathA
CreateDirectoryA
CreateProcessA
CloseHandle
GetLastError
GetStartupInfoA
GetModuleHandleA
GetModuleFileNameA
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
GetTempFileNameA

user32

MessageBoxA

ole32

StgOpenStorage
StgCreateDocfile
CoTaskMemAlloc
CoCreateGuid
CoTaskMemFree

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7267e8cc08fd1b6f5ed6db570b263823

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

ole32

Sections

.text Size: 44KB - Virtual size: 42KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 28KB - Virtual size: 56KB

.text
Size: 44KB - Virtual size: 42KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 28KB - Virtual size: 56KB