23a57e8ab008892d81308c1c868a5270_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

23a57e8ab008892d81308c1c868a5270_JaffaCakes118
Size

221KB
MD5

23a57e8ab008892d81308c1c868a5270
SHA1

00f3565aa6cb02ffebf1d95ff3e0a0726576815e
SHA256

fbd0682fe9e22d3b7c62ac09d20e43e49d4b5a1439847e02c93292c351ca899e
SHA512

49349bc03f0eb0563d8e780e206a8d8907a6aed0563b81bf86ae5be95147cbeaabba41990f81383024f831d7a1d1c93de29063e8c6ccec89a187a71c9eca26b1
SSDEEP

3072:5eZ8VyjV5a+JM158zQDsJSvvwpTZQf+1uUkcVK0Lu/HiVv8e:gZV5aiM/YQYOAFQf+1hfVK0C/Q8e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23a57e8ab008892d81308c1c868a5270_JaffaCakes118

Files

23a57e8ab008892d81308c1c868a5270_JaffaCakes118
.exe windows:1 windows x86 arch:x86

d1c541f183889bc537281c3f6a73d869

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetHandleCount
WaitForSingleObject
TlsSetValue
LeaveCriticalSection
SetThreadAffinityMask
OpenProcess
GetThreadContext
EnterCriticalSection
GlobalMemoryStatus
MultiByteToWideChar
IsDebuggerPresent
GetEnvironmentStrings
HeapReAlloc
InterlockedDecrement
GetLocaleInfoA
GetCurrentDirectoryA
TerminateProcess
ExpandEnvironmentStringsA
LCMapStringA
lstrcpyA
lstrcpynA
WideCharToMultiByte
SetLastError
HeapCreate
GetFileTime
FindFirstFileA
SetEndOfFile
GetProcAddress
GetProcessWorkingSetSize
GetEnvironmentStringsW
HeapAlloc
GetOEMCP
Module32Next
GlobalAddAtomA
QueryPerformanceFrequency
GetSystemInfo
GetVersion
GetCurrentProcess
GetCurrentProcessId
ResetEvent
CloseHandle
GetDateFormatA
SetEnvironmentVariableA
GlobalReAlloc
GetDriveTypeA
SetEvent
GetComputerNameW
Module32First
SetFilePointer
GetStringTypeA
GetNumberFormatA
lstrcmpA
CreateProcessA
GlobalAlloc
SearchPathA
LoadResource
GetEnvironmentVariableA
CreateFileA
GetConsoleCP
UnhandledExceptionFilter
MulDiv
GetLastError
DeleteCriticalSection
WriteConsoleA
SizeofResource
GetFileType
ReadFile
IsBadStringPtrA
DuplicateHandle
LoadLibraryW
RaiseException
SetUnhandledExceptionFilter
GetVersionExA
PulseEvent
GetSystemDirectoryA
GetCurrentThread
TlsFree
ExitProcess
DeviceIoControl
InterlockedExchange
GetModuleHandleA
LockResource
InterlockedIncrement
GetACP
GetStringTypeW
GetProcessAffinityMask
LocalFree
UnmapViewOfFile
CreateEventA
InitializeCriticalSection
GetConsoleOutputCP
VirtualAlloc
GetStartupInfoA
Sleep

msvcrt

memcpy
_gcvt
putwc
_findfirsti64
_wrmdir
__p__commode
_tzname
wcsxfrm
_fcloseall
_pclose
_XcptFilter
_utime64
_fgetwchar
_mbstrlen
_daylight
_fsopen
wcstok
_adj_fdivr_m32
_ismbblead
longjmp
mbstowcs
wcsncpy
fclose
_aexit_rtn
_ungetch
wcstoul
_strnicmp
sscanf
putc
islower
isdigit
_mbsset
_safe_fprem
fgetc
_atoldbl
_snscanf
_getche
_get_sbh_threshold
_spawnlpe
_fstat64
remove
_rmtmp
_wmkdir
_global_unwind2
mktime
_controlfp
_heapset
iswgraph
_outpw
_futime64
_seh_longjmp_unwind
_wstrtime
_strlwr
_exit
gmtime
_isnan
_wopen
_memicmp
_ismbbkpunct
_rotl
_mbsnbcnt
floor
_findfirst64
strpbrk
_logb
_adj_fdiv_m64
_adjust_fdiv
_assert
_write
_strdup
_putw
_adj_fptan
_mbctoupper
putwchar
ungetwc
_mbsinc
_itow
_adj_fdivr_m16i
__getmainargs
log10
isxdigit
_ismbbpunct
_wspawnlp
_getcwd
_wcreat
_wcsnicoll
_initterm
_pgmptr
_longjmpex
_chmod
_umask
__p__fmode
ctime
_endthreadex
_wenviron
_cwscanf
acos
_snwscanf
_msize
_mbcjmstojis
_vscprintf
fgetpos
_futime
_fileno
gets
_except_handler3
iswalnum
_acmdln
bsearch
_open
_finite
_wfullpath
_close
strlen
exit
_wutime64
_setjmp
_strnicoll
raise
tan
strtok
__setusermatherr
_cgets
wcspbrk
_dstbias
_execvpe
frexp
atexit
_getmaxstdio
_set_SSE2_enable
_mkdir
_eof
_mbctombb
_spawnv
_mbclen
_ismbcdigit
wcscspn
_aligned_malloc
_wfopen
_cscanf
__set_app_type
tanh
_inp
fprintf
_wremove
setbuf
_wfreopen
_snprintf
ldiv
_chdir
_tzset
_unlock
_mbsicoll
_wfindnext
_cwprintf
memcmp
_strncoll
_setsystime

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 206KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 85B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d1c541f183889bc537281c3f6a73d869

Headers

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 206KB - Virtual size: 205KB

.data Size: 512B - Virtual size: 85B

.rsrc Size: 512B - Virtual size: 284B

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 206KB - Virtual size: 205KB

.data
Size: 512B - Virtual size: 85B

.rsrc
Size: 512B - Virtual size: 284B