Static task
static1
Behavioral task
behavioral1
Sample
396cdd50e44f131abd1c46fc80da1aee_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
396cdd50e44f131abd1c46fc80da1aee_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
396cdd50e44f131abd1c46fc80da1aee_JaffaCakes118
Size
98KB
MD5
396cdd50e44f131abd1c46fc80da1aee
SHA1
f1cdf8e2940f19edd2e09c51552aa7644c2c9a24
SHA256
d5183eda0ab6c24bef378ecc996982157885ab4886e8a28cc5a1d0e8809d8e58
SHA512
35e98c627833726840534bc0f4859fd1bd1c089a014b415540d54802a06549b21fd545111c65c418d0d163050a2c01d0a58f49b880028a699bb9e399207f069e
SSDEEP
1536:edhoMYY0HmP2A3EypudzLCAfYJqS/YCmrgF2y0gldtjuQS:C0HBA3EyA9CAfYPYRrO0gJuJ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 396cdd50e44f131abd1c46fc80da1aee_JaffaCakes118
Files
396cdd50e44f131abd1c46fc80da1aee_JaffaCakes118.exe windows:4 windows x86 arch:x86
9f6bf48a665172e206659c0f2d7618c7
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetACP
_lclose
_llseek
OpenFile
GetWindowsDirectoryA
Sleep
GetPrivateProfileStringA
GetModuleFileNameA
GetPrivateProfileIntA
_lwrite
LoadLibraryA
FreeLibrary
DeleteFileA
GetCurrentDirectoryA
SetCurrentDirectoryA
FormatMessageA
GetLastError
FindFirstFileA
FindNextFileA
FindClose
GetProcAddress
SetFileApisToOEM
GetVersionExA
GetExitCodeProcess
WaitForSingleObject
WideCharToMultiByte
GetFullPathNameA
GetLocalTime
GetSystemTime
HeapAlloc
HeapFree
MultiByteToWideChar
CloseHandle
DuplicateHandle
GetCurrentProcess
HeapReAlloc
ExitProcess
TerminateProcess
SetStdHandle
GetFileType
CreatePipe
MoveFileA
SetHandleCount
GetStdHandle
GetStartupInfoA
SetConsoleCtrlHandler
RtlUnwind
GetCommandLineA
GetVersion
GetCPInfo
_lread
GetOEMCP
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
ReadFile
FlushFileBuffers
WriteFile
SetEnvironmentVariableW
SetEnvironmentVariableA
GetDriveTypeA
IsBadReadPtr
GetTimeZoneInformation
SetFilePointer
GetFileAttributesA
CreateFileA
GetCurrentProcessId
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEndOfFile
SetUnhandledExceptionFilter
FileTimeToLocalFileTime
IsBadWritePtr
IsBadCodePtr
LCMapStringA
LCMapStringW
GetLocaleInfoA
GetLocaleInfoW
CreateProcessA
FileTimeToSystemTime
SetFileTime
GetFileInformationByHandle
PeekNamedPipe
SetFileAttributesA
LocalFileTimeToFileTime
SystemTimeToFileTime
CreateDirectoryA
RemoveDirectoryA
user32
CharToOemA
p2xdll
CreateCPerl
PerlGetVersion
InitDLLData
Sections
.text Size: 67KB - Virtual size: 66KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ