38f557ac44b918a562d4d1bc9e295d33_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

38f557ac44b918a562d4d1bc9e295d33_JaffaCakes118
Size

998KB
MD5

38f557ac44b918a562d4d1bc9e295d33
SHA1

ec5563e06d5faad927953ab75f4bb9c614624ad7
SHA256

148a19bd87107b9a5ec30faf3abde6759cf6671e2340a412ef0fb67cfdb5df01
SHA512

083d5098c278f1bf6963aaa41e2273a08d4277b44337ca2b896499b7ae6e930599ebadfc31bfcc802dc7539a18adc63883797d0ebb344e7bd958e2a9250905c7
SSDEEP

24576:fAWWQFvyyNeinL9UXktUzIuv7PSqh0lcW8G0zRdISG:BWQEyNei+ktx6hmcW8GvS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38f557ac44b918a562d4d1bc9e295d33_JaffaCakes118

Files

38f557ac44b918a562d4d1bc9e295d33_JaffaCakes118
.exe windows:5 windows x86 arch:x86

575cad5bd13f06de1df074dba0ec96f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imagehlp

ImageNtHeader
ImageDirectoryEntryToData
ImageRvaToVa
ImageGetDigestStream

msvcrt

_vsnprintf
__p__fmode
_snwprintf
realloc
_itoa
__set_app_type
_adjust_fdiv
free
_exit
_CxxThrowException
_wcslwr
_XcptFilter
_initterm
__dllonexit
_cexit
_onexit
__p__commode
wcslen
_snprintf
strncmp
wcsrchr
memset
_vsnwprintf
exit
??1type_info@@UAE@XZ
??2@YAPAXI@Z
_wcsicmp
_except_handler3
__wgetmainargs
__winitenv
qsort
vwprintf
__setusermatherr
_itow
atoi
wcsstr
_wcsnicmp
_purecall
??3@YAXPAX@Z
_c_exit
strchr
?terminate@@YAXXZ
_controlfp
iswspace
__CxxFrameHandler
_iob
fputs

user32

wsprintfW
CharNextW
CharNextA

ole32

StringFromCLSID
CoUninitialize
CoCreateInstance
CoTaskMemFree
StringFromIID
CoInitialize
CLSIDFromString

msvfw32

ICGetInfo
ICRemove

shell32

CommandLineToArgvW

kernel32

ReadFile
RemoveDirectoryA
GetEnvironmentVariableA
lstrlenA
FindNextFileW
GetModuleHandleW
LoadLibraryExW
GlobalFree
DebugBreak
FindClose
lstrcmpiA
InterlockedDecrement
FreeResource
EndUpdateResourceW
GetFileInformationByHandle
CopyFileA
GetThreadLocale
InterlockedIncrement
RemoveDirectoryW
BeginUpdateResourceW
ExitProcess
lstrlenW
InterlockedExchange
LocalFree
GetLocaleInfoA
GetFileAttributesA
GetFullPathNameA
LoadLibraryExA
GetVersion
CloseHandle
GetVersionExW
IsDebuggerPresent
GetSystemDirectoryA
GlobalAlloc
GetFullPathNameW
FreeLibrary
GetFileAttributesW
OutputDebugStringA
GetACP
GetOEMCP
InterlockedCompareExchange
UpdateResourceW
RaiseException
CopyFileW
lstrcpyA
SetFilePointer
WideCharToMultiByte

Sections

.text
Size: 706KB - Virtual size: 705KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 251KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

575cad5bd13f06de1df074dba0ec96f2

Headers

File Characteristics

Imports

imagehlp

msvcrt

user32

ole32

msvfw32

shell32

kernel32

Sections

.text Size: 706KB - Virtual size: 705KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 251KB - Virtual size: 251KB

.rsrc Size: 37KB - Virtual size: 3.2MB

.text
Size: 706KB - Virtual size: 705KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 251KB - Virtual size: 251KB

.rsrc
Size: 37KB - Virtual size: 3.2MB