251d5134cd5a49122517f8c3f344110f_JaffaCakes118

General

Target

251d5134cd5a49122517f8c3f344110f_JaffaCakes118
Size

272KB
MD5

251d5134cd5a49122517f8c3f344110f
SHA1

eff189520f8937a4ff35d7b756311e6d56632fe5
SHA256

1c0c5ec2bd56e2f0b1eea9d18c9b957c817078e7b204504fae0c74477a43b9aa
SHA512

54ffc71d65111bd94628e2d485682310c0f239f9d531219f46b38af4fec3e973c17466253fc18151a1ace239da24b10d19cbab1a6ebe86d6552221f70960b327
SSDEEP

6144:pqKRNaIEv8Z+Cacip5jZ7NfwbzZl7M2iqaw6RHghcu7HFe0Cf:1RNaIEv8kCacaZut8HKjY0C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
251d5134cd5a49122517f8c3f344110f_JaffaCakes118

Files

251d5134cd5a49122517f8c3f344110f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

05fb33cffcc3a24f9aec1624e3ddd133

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExW
IsBadReadPtr
OpenProcess
FlushInstructionCache
MulDiv
GetLocaleInfoW
QueryPerformanceFrequency
GlobalFree
GlobalAlloc
GlobalLock
GetSystemDirectoryW
CreateEventA
GlobalMemoryStatus
LeaveCriticalSection
FileTimeToSystemTime
LoadLibraryW
ExitProcess
GetCurrentProcessId
GetFileTime
GetModuleFileNameW
WideCharToMultiByte
CreateProcessW
Sleep
GetTickCount
FreeLibrary
LoadLibraryA
GetProcAddress
GetModuleHandleA
GetCurrentThreadId
GetCommandLineA
MoveFileW

msvcr71

wcslen
free
malloc
atoi
fclose
fwrite
fputs
fseek
fopen
_c_exit
_exit
_XcptFilter
_cexit
exit
__p___initenv
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit
_controlfp

Exports

Exports

apodzsbkf
fhbnayjcqaraxlnamqghgzkzq
sucuteljcaelbyccawxqkwnvp

Sections

.text
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

05fb33cffcc3a24f9aec1624e3ddd133

Headers

File Characteristics

Imports

kernel32

msvcr71

Exports

Exports

Sections

.text Size: 119KB - Virtual size: 119KB

.rdata Size: 46KB - Virtual size: 45KB

.data Size: 100KB - Virtual size: 354KB

.rsrc Size: 1024B - Virtual size: 944B

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 119KB - Virtual size: 119KB

.rdata
Size: 46KB - Virtual size: 45KB

.data
Size: 100KB - Virtual size: 354KB

.rsrc
Size: 1024B - Virtual size: 944B

.reloc
Size: 5KB - Virtual size: 4KB