3ef519ea9d0ba6543abc8ef85a37beed_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3ef519ea9d0ba6543abc8ef85a37beed_JaffaCakes118
Size

973KB
MD5

3ef519ea9d0ba6543abc8ef85a37beed
SHA1

6a0d46e302666a5f8a808ae951a654c4fff3b621
SHA256

3b6af82149b562a2165bae9a8bb9501af3be90337be7308019b0b902f510b1a9
SHA512

6b4a69bc3c9c574c4a5fd46421c0a6aaaaa7c370df40583a3885bf30dffd85d4c6bb87964f11e95a1fcc5c08cf98858a01a066f7a6ed44e6fb20fe9e6b77d665
SSDEEP

24576:tEh18BHJZXPjd+XLkijPLjVcRaE3KZCZ:6h+Brp+bxjP6Rn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ef519ea9d0ba6543abc8ef85a37beed_JaffaCakes118

Files

3ef519ea9d0ba6543abc8ef85a37beed_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d4d3278050e53f690484ee18587486b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvfw32

DrawDibRealize
ICRemove

kernel32

FindClose
ReadFile
GetEnvironmentVariableA
GlobalAlloc
GetVersionExW
GlobalFree
WideCharToMultiByte
GetLocaleInfoA
FindNextFileW
lstrcmpiA
GetSystemDirectoryA
LoadLibraryExW
RemoveDirectoryW
RemoveDirectoryA
FreeResource
lstrlenW
SetFilePointer
LocalFree
GetFileInformationByHandle
InterlockedExchange
BeginUpdateResourceW
GetFileAttributesW
EndUpdateResourceW
GetFullPathNameW
DebugBreak
CloseHandle
LoadLibraryExA
InterlockedCompareExchange
lstrcpyA
RaiseException
IsDebuggerPresent
GetThreadLocale
CopyFileA
InterlockedIncrement
GetOEMCP
ExitProcess
UpdateResourceW
InterlockedDecrement
lstrlenA
FreeLibrary
GetFileAttributesA
CopyFileW
OutputDebugStringA
GetFullPathNameA
GetVersion
GetACP
GetModuleHandleW

ole32

CoTaskMemFree
CLSIDFromString
CoCreateInstance
StringFromCLSID
CoUninitialize
CoInitialize
StringFromIID

shell32

CommandLineToArgvW

msvcrt

_exit
??1type_info@@UAE@XZ
wcsrchr
_wcsicmp
_except_handler3
_wcslwr
qsort
__winitenv
realloc
_purecall
exit
_itoa
_snwprintf
memset
__p__commode
_CxxThrowException
?terminate@@YAXXZ
fputs
_itow
_wcsnicmp
__wgetmainargs
_initterm
_iob
_cexit
__setusermatherr
_vsnwprintf
iswspace
_XcptFilter
vwprintf
_controlfp
__set_app_type
__dllonexit
??2@YAPAXI@Z
wcsstr
??3@YAXPAX@Z
__p__fmode
_c_exit
strchr
free
_onexit
_snprintf
_vsnprintf
wcslen
strncmp
_adjust_fdiv
__CxxFrameHandler
atoi

user32

CharNextW
CharNextA
wsprintfW

imagehlp

ImageRvaToVa
ImageDirectoryEntryToData
ImageNtHeader
ImageGetDigestStream

Sections

.text
Size: 707KB - Virtual size: 707KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4d3278050e53f690484ee18587486b2

Headers

File Characteristics

Imports

msvfw32

kernel32

ole32

shell32

msvcrt

user32

imagehlp

Sections

.text Size: 707KB - Virtual size: 707KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 252KB - Virtual size: 251KB

.rsrc Size: 9KB - Virtual size: 3.2MB

.text
Size: 707KB - Virtual size: 707KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 252KB - Virtual size: 251KB

.rsrc
Size: 9KB - Virtual size: 3.2MB