400de4c9714c808dbed69ac6eae70432_JaffaCakes118

General

Target

400de4c9714c808dbed69ac6eae70432_JaffaCakes118
Size

102KB
MD5

400de4c9714c808dbed69ac6eae70432
SHA1

c1eb6b18f3e0327455296ea2c72a73a2d9c0d065
SHA256

92aa46b0ec06db4cb14bda8ab25231026f1e97adead121363d913992b5ddc0ff
SHA512

999fbde45c02ac92af3119fbb3183417b626b115cd9056fa6347dbd936fa76faac5c33ae8286a10f9dc718985ef726a3056475f96ecff30908f8482a7afe89df
SSDEEP

3072:SEymyW4ko0rA+SZJpVdaYp3E6laa2KOdD:SEvB4v0rA+Sv3dL2KO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
400de4c9714c808dbed69ac6eae70432_JaffaCakes118

Files

400de4c9714c808dbed69ac6eae70432_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a2994e6afaf450fec59d26ea90e8ea5b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

InitializeCriticalSection
GetModuleHandleA
CloseHandle
MultiByteToWideChar
CreateFileA
DeleteFileA
WriteFile
SystemTimeToFileTime
GetSystemTime
GetCPInfo
ReadFile
DeleteCriticalSection
FormatMessageA
SetFilePointer
GetLastError
InterlockedDecrement
WideCharToMultiByte
GetFileSize

msacm32

acmStreamOpen
acmStreamSize
acmFormatTagDetailsA
acmStreamUnprepareHeader
acmStreamClose
acmFormatSuggest
acmFormatDetailsA
acmStreamConvert
acmStreamPrepareHeader

winmm

mmioSeek
mmioOpenA
mmioDescend
mmioRead
mmioAscend
mmioClose

rpcrt4

UuidCreate

user32

CharToOemA
LoadStringA

msvcrt

_mbsrchr
??3@YAXPAX@Z
??2@YAPAXI@Z
printf
sscanf
fclose
fgets
fopen
_ftol
_mbscpy
_mbslen
_stricmp
_mbsicmp
strrchr
__getmainargs
wcscpy
wcslen
wcscmp
_purecall
_CxxThrowException
__CxxFrameHandler
_EH_prolog
strncpy
tmpnam
sprintf
calloc
free
_exit
_XcptFilter
exit
__p___initenv
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
??1type_info@@UAE@XZ
_controlfp

Sections

.text
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 10KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vsp
Size: - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a2994e6afaf450fec59d26ea90e8ea5b

Headers

File Characteristics

Imports

kernel32

msacm32

winmm

rpcrt4

user32

msvcrt

Sections

.text Size: 83KB - Virtual size: 82KB

.data Size: 10KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 3KB

.vsp Size: - Virtual size: 1B

.text
Size: 83KB - Virtual size: 82KB

.data
Size: 10KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 3KB

.vsp
Size: - Virtual size: 1B