32fa3413969ec04608fcf94790adde42_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

32fa3413969ec04608fcf94790adde42_JaffaCakes118
Size

140KB
MD5

32fa3413969ec04608fcf94790adde42
SHA1

9ebb3a0dc773d5f3e4b73e70c10096df8fa6c2cb
SHA256

42a8fe2d71ce60e7eb869b955d8936ee97b843c2932ab14236e821aad90d60bc
SHA512

18231b4063d8e7b714227a5e621d7801cd7ccae3303d413742b0e4ad9cb512b2a55b495cda54f693478b9bc020f2d5c0959ec95c091324fb5ef4046bdf9dcbcd
SSDEEP

3072:Bp5y/vWY0/s7QkFmQseM5iV9fOBejC8B2JZJv4BYr+u:BpI/vWYn7pFmGM5GtO3TJZN4BC+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32fa3413969ec04608fcf94790adde42_JaffaCakes118

Files

32fa3413969ec04608fcf94790adde42_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6fb5943897b00e423048ec77e9d0c119

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Byceho\uninas\Caj\Ijipoqo.pdb

Imports

ole32

CoCreateInstance
CLSIDFromString
CoInitialize
CoTaskMemFree
CoTaskMemAlloc

ws2_32

WSACloseEvent
WSAConnect
WSAAddressToStringW
WSAWaitForMultipleEvents
WSAEnumNetworkEvents

userenv

UnloadUserProfile
DestroyEnvironmentBlock
CreateEnvironmentBlock

uxtheme

CloseThemeData
DrawThemeBackground
DrawThemeText
GetThemeFont
GetThemeBackgroundRegion

setupapi

SetupFindFirstLineW
SetupGetLineTextW
SetupFindNextLine
SetupCloseInfFile

kernel32

HeapReAlloc
WideCharToMultiByte
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ReadFile
SetEndOfFile
VirtualQuery
InterlockedExchange
RtlUnwind
LoadLibraryA
CreateFileA
FlushFileBuffers
SetStdHandle
HeapSize
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
MultiByteToWideChar
FreeEnvironmentStringsA
CloseHandle
WriteFile
GetFileSize
SetFilePointer
CreateFileW
DeleteCriticalSection
GetProfileStringW
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
HeapFree
HeapAlloc
GetStartupInfoW
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetLastError
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
GetModuleFileNameW

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 699KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6fb5943897b00e423048ec77e9d0c119

Headers

File Characteristics

PDB Paths

Imports

ole32

ws2_32

userenv

uxtheme

setupapi

kernel32

Sections

.text Size: 36KB - Virtual size: 32KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 56KB - Virtual size: 699KB

.text
Size: 36KB - Virtual size: 32KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 56KB - Virtual size: 699KB