364ca7fc77815078eae7058066bc834e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

364ca7fc77815078eae7058066bc834e_JaffaCakes118
Size

197KB
MD5

364ca7fc77815078eae7058066bc834e
SHA1

dd639a06f51bde50f84f9855d435db4463a23494
SHA256

e847ccf6c9dd3a1f8b2b22067f66bc6b63966ae6893966acf9a4313ed7552bc9
SHA512

fe554829cb78311d241bf0373bc173149423055137435c2ecce247c4aacc8c38d33595e1ae32a2b22791d81be04f25b6571e8422e1f9f80923b86dffb1a10ba5
SSDEEP

6144:UN+7sEZ+++eC5QM5KBIr7ILcQCgttfI28TOo:UN5rUgkLcQNbfiTO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
364ca7fc77815078eae7058066bc834e_JaffaCakes118

Files

364ca7fc77815078eae7058066bc834e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dc2972e7f3da9bc9dea1d9739e5aaa41

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

TerminateProcess
SetFileAttributesA
CreateFiberEx
LoadLibraryExA
lstrlenA
UnhandledExceptionFilter
GetFullPathNameA
lstrcmpiA
MoveFileW
UpdateResourceW
WriteFile
FindFirstFileA
GetCurrentDirectoryW
UnmapViewOfFile
SizeofResource
GetVersionExA
IsDebuggerPresent
GetCurrentProcessId
GetModuleHandleW
_lwrite
SetUnhandledExceptionFilter
RemoveDirectoryA
FreeLibrary
OutputDebugStringA
HeapReAlloc
GetTempFileNameW
EnumResourceNamesW
CreateFileMappingA
DeleteFileW
MultiByteToWideChar
LockResource
DeleteFileA
LeaveCriticalSection
RemoveDirectoryW
FindNextFileW
GetCommandLineW
GetFullPathNameW
CopyFileA
CreateFileW
ExitProcess
CopyFileW
_lclose
EscapeCommFunction
GetCurrentThreadId
FreeResource
CreateDirectoryW
GetVersion
WideCharToMultiByte
GetACP
GetTickCount
SetEndOfFile
InterlockedCompareExchange
EnterCriticalSection
InterlockedIncrement
GetFileAttributesW
InitializeCriticalSection
InterlockedDecrement
FindFirstFileW
InterlockedExchange
EnumResourceTypesW
FormatMessageW
LoadLibraryA
ReadFile
EnumResourceNamesA
FindNextFileA
CreateFileA
GetProcAddress
GetLastError
GetCurrentProcess
GetTempPathW
DeleteCriticalSection
GetFileAttributesA
FatalExit
_lread
GetProcessHeap
GetThreadLocale
CreateDirectoryA
GlobalFree
GlobalUnlock
FindResourceExW
RaiseException
EndUpdateResourceW
HeapAlloc
GetLocaleInfoA
LocalFree
CloseHandle
GetFileInformationByHandle
MapViewOfFile
GetFileSize
HeapFree
GlobalLock
GetVersionExW
SetLastError
SetFilePointer
GetStringTypeExW
AreFileApisANSI
GetSystemDirectoryA
_llseek
DebugBreak
FindClose
GetEnvironmentVariableA
Sleep
QueryPerformanceCounter
FindResourceW
EnumResourceLanguagesW
SetFileAttributesW
BeginUpdateResourceW
HeapDestroy
HeapSize
LoadResource
GlobalAlloc
GetOEMCP
LoadLibraryExW
lstrlenW
GetSystemTimeAsFileTime
lstrcpyA

msvfw32

ICInfo

shell32

CommandLineToArgvW

advapi32

CryptAcquireContextA
CryptCreateHash
CryptGetHashParam
CryptHashData
CryptReleaseContext
CryptDestroyHash

imagehlp

ImageGetDigestStream
ImageNtHeader
ImageRvaToVa
ImageDirectoryEntryToData

psapi

GetProcessMemoryInfo

user32

CharNextA
MonitorFromWindow
wsprintfW
CharNextW

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc2972e7f3da9bc9dea1d9739e5aaa41

Headers

File Characteristics

Imports

kernel32

msvfw32

shell32

advapi32

imagehlp

psapi

user32

Sections

.text Size: 172KB - Virtual size: 171KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 19KB - Virtual size: 19KB

.lib Size: 512B - Virtual size: 356KB

.text
Size: 172KB - Virtual size: 171KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 19KB - Virtual size: 19KB

.lib
Size: 512B - Virtual size: 356KB