226ce8908d003659bc5ea947513c94bd_JaffaCakes118

General

Target

226ce8908d003659bc5ea947513c94bd_JaffaCakes118
Size

202KB
MD5

226ce8908d003659bc5ea947513c94bd
SHA1

7a3a3d21e20e7d561fd3a67a10e3789fbb1feabc
SHA256

fec3ed97bd4e96db0379f834eefc1675c015e536450b98382d99c12f032d750a
SHA512

68adc7bf94c3b72d76a836f9a75f8508f0211db3981bce7ed5baf6044dbc6515ac608650f72a4ded42afef108de62713730b689c21a94c3daafc2d5a79b46269
SSDEEP

3072:vvNSeYy7zOZwAPdo/dUBPI7mbIcGMC8NGJ5UD+umo5a9z0FEMA:vvNSe9IwA6/qBIHnMC8NGJyD+Dx0n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
226ce8908d003659bc5ea947513c94bd_JaffaCakes118

Files

226ce8908d003659bc5ea947513c94bd_JaffaCakes118
.exe windows:1 windows x86 arch:x86

c6025b5d34346f5a70532935593f5dfb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_mbsicoll
_XcptFilter
_getmaxstdio
_adjust_fdiv
_wstrtime
_initterm
strrchr
_close
_except_handler3
__setusermatherr
gets
_wcslwr
__p__commode
towupper
memcpy
_longjmpex
__getmainargs
fwscanf
__p__fmode
_findclose
vswprintf
_controlfp
_mbsnextc
_wcsncoll
sin
_get_osfhandle
_wtoi
strcspn
__set_app_type
exit
_wcreat
_wcstoi64
_i64toa
_mbctolower
_mbsdup
_wchmod
_wcsset
labs
_wstati64
_purecall
_mbsnbcoll
_acmdln
iswalpha
toupper
_lrotr
_exit
time
_beep

kernel32

WaitForMultipleObjects
GetACP
GetLastError
GetSystemInfo
LocalFree
lstrcmpiA
GetCurrentThreadId
SetEnvironmentVariableA
HeapCreate
SetHandleCount
GetStringTypeW
GetThreadContext
CreateProcessA
GetStartupInfoA
IsDebuggerPresent
HeapAlloc
ReadFile
VirtualAlloc
IsBadStringPtrA
MultiByteToWideChar
DeleteFileA
EnterCriticalSection
ResetEvent
IsValidCodePage
LockResource
CreateEventW
SizeofResource
QueryPerformanceCounter
HeapReAlloc
TerminateProcess
WriteConsoleA
SetEndOfFile
GetCurrentThread
MulDiv
SetStdHandle
IsBadReadPtr
GetModuleHandleA
FileTimeToLocalFileTime

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 187KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c6025b5d34346f5a70532935593f5dfb

Headers

File Characteristics

Imports

msvcrt

kernel32

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 187KB - Virtual size: 187KB

.data Size: 512B - Virtual size: 176KB

.rsrc Size: 512B - Virtual size: 104B

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 187KB - Virtual size: 187KB

.data
Size: 512B - Virtual size: 176KB

.rsrc
Size: 512B - Virtual size: 104B