343b7d9929cfdab7e596ae27ad6abc7b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

343b7d9929cfdab7e596ae27ad6abc7b_JaffaCakes118
Size

388KB
MD5

343b7d9929cfdab7e596ae27ad6abc7b
SHA1

d85d45fe594ee6d46bf8974254fbf88a4093643f
SHA256

c606bce6e0d04adbd8431f5799b099f1b4caa6c66810009097ec775e1ca7b028
SHA512

0cf12a4ecc3b7221f64a390b074169f007215b45fbceae464338e4a287d7cb3da790a902f8596336dc21ed5d66d9b908fc6b0320d31bf5fea0fdaac4bf62625d
SSDEEP

6144:yJGKoYGQJ6Gz8NnFPmWVRXGbQaXeIDnYsZXSP7YZS6Tni1ojDuUlX:y4YJoNnFhVwNeSjZYYZkeDuUlX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
343b7d9929cfdab7e596ae27ad6abc7b_JaffaCakes118

Files

343b7d9929cfdab7e596ae27ad6abc7b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e15a9740d791f4fe134f6bd3f0263e60

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
EnterCriticalSection
GetFileAttributesA
GetFullPathNameA
GetModuleFileNameA
GetModuleHandleA
GetLastError
GetCurrentDirectoryA
GlobalAddAtomA
GlobalDeleteAtom
GetTickCount
GetCurrentThreadId
FindClose
FindNextFileA
FindFirstFileA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
GetCurrentProcess
GetProcAddress
Sleep
GetCommandLineA
CloseHandle
GetFileSize
CreateFileA
InitializeCriticalSection
DeleteCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
GetTempPathA
OutputDebugStringA
WriteFile
GetUserDefaultLangID
GetVersionExA
GetEnvironmentVariableA
GetShortPathNameA
GetSystemDirectoryA
GetLocaleInfoA
GetSystemDefaultLangID
TerminateProcess
HeapAlloc
HeapFree
GlobalFree
GlobalAlloc
WaitForSingleObject
GetStartupInfoA
MultiByteToWideChar
DeleteFileA
lstrcmpA
FlushFileBuffers
GetDriveTypeA
lstrcatA
SetLastError
LocalFree
FormatMessageA
MoveFileA
CompareFileTime
GetFileTime
OpenFile
GetPrivateProfileStringA
WritePrivateProfileStringA
CreateMutexA
OpenMutexA
LocalAlloc
InterlockedExchange
RaiseException
GetCurrentThread
lstrcmpiA
GlobalLock
lstrlenA
lstrcpynA
lstrcpyA
TlsAlloc
GlobalUnlock
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
GlobalFindAtomA
GlobalGetAtomNameA
GetVersion
GetProcessVersion
ReadFile
SetFilePointer
SetEndOfFile
SetErrorMode
GetCPInfo
GetOEMCP
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
ExitProcess
HeapReAlloc
HeapSize
GetACP
SetStdHandle
GetFileType
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
GetStringTypeA
GetStringTypeW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA

Sections

.text
Size: 184KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 32KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e15a9740d791f4fe134f6bd3f0263e60

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 184KB - Virtual size: 180KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 32KB - Virtual size: 111KB

.rsrc Size: 136KB - Virtual size: 133KB

.text
Size: 184KB - Virtual size: 180KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 32KB - Virtual size: 111KB

.rsrc
Size: 136KB - Virtual size: 133KB