444133fbdc097a30bd287b2cff2590e9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

444133fbdc097a30bd287b2cff2590e9_JaffaCakes118
Size

50KB
MD5

444133fbdc097a30bd287b2cff2590e9
SHA1

626d58ac01b9ffad75268f478dc62f2026edf494
SHA256

b490db9c0d1563a60dc5e086b9fdb56a1f41448dea06f97f536df5af543def54
SHA512

9bca8a48955284a8dbafd423f465350bc59a528394b564624a9a572e5cb95b5aae623b97dd9d802c671b2d8ac7a49c6dccbaeadf0fbafcbbf0d313a79be34201
SSDEEP

768:oAvBkFFMkjlc/5Tj0PUckgU6zkNhcOptU2je12nkGW4T3n:o3FMxEgV6zlsUb2kCn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
444133fbdc097a30bd287b2cff2590e9_JaffaCakes118

Files

444133fbdc097a30bd287b2cff2590e9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3f15c2078c04eb859a8fcadbbcadef60

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
IsProcessorFeaturePresent
MoveFileA
LeaveCriticalSection
DeleteCriticalSection
CreateEventA
QueryPerformanceCounter
GetVersionExA
GetTickCount
SetEndOfFile
TlsSetValue
FlushFileBuffers
GetExitCodeThread
GetModuleFileNameA
ReadFileEx
TlsGetValue
MapViewOfFile
HeapFree
lstrcpyA
UnhandledExceptionFilter
WaitForSingleObjectEx
HeapAlloc
CreateFileA
CreateFileMappingA
ReleaseMutex
GetFileSize
ReadFile
VirtualFree
ReleaseSemaphore
SetThreadPriority
InitializeCriticalSection
OutputDebugStringA
CreateDirectoryA
FindFirstFileA
QueryPerformanceFrequency
RemoveDirectoryA
DebugBreak
LCMapStringW
CloseHandle
VirtualQuery
TlsAlloc
HeapDestroy
GetFileAttributesA
LoadLibraryA
lstrcmpA
GetCurrentThread
GlobalMemoryStatus
GetDriveTypeA
VirtualAlloc
GetUserDefaultLangID
ResetEvent
FindClose
FreeLibrary
GetCurrentProcess
GetLastError
UnmapViewOfFile
WaitForMultipleObjectsEx
CreateThread
GetSystemDefaultLangID
GetProcessHeap
InterlockedIncrement
GetOverlappedResult
CreateMutexA
GetSystemInfo
ReadProcessMemory
WaitForSingleObject
GlobalAlloc
GetDiskFreeSpaceA
TlsFree
SleepEx
lstrlenA
SetEvent
WriteFileEx
Sleep
TerminateProcess
GetProcAddress
GetCurrentThreadId
ExpandEnvironmentStringsA
DeleteFileA
SetFilePointer
FindNextFileA
GetLocalTime
WriteFile
CreateSemaphoreA
GetCurrentProcessId
IsValidLocale
HeapCreate
EnterCriticalSection
CopyFileA
GlobalFree

lz32

LZClose

advapi32

RegOpenKeyExA
RegDeleteValueA
RegCloseKey
RegQueryValueExA
ReportEventA
InitializeSecurityDescriptor
RegSetValueExA
SetSecurityDescriptorDacl
RegCreateKeyExA
RegisterEventSourceA
RegDeleteKeyA
DeregisterEventSource

msvcrt

_stricmp
_onexit
free
_adjust_fdiv
__dllonexit
fopen
_initterm
_strupr
swprintf
strpbrk
fprintf
_except_handler3
_strnicmp
_purecall
printf
_ultoa
rand
toupper
_itoa
wcslen
sprintf
vsprintf
strtok
strchr
isprint
atol
_iob
vprintf
_fullpath
fclose
strncpy
_ftol
strtoul
malloc
_ltoa
_snprintf
memmove
_splitpath
fflush
_makepath
_vsnprintf
time

winmm

auxSetVolume

Sections

.textbss
Size: 43KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3f15c2078c04eb859a8fcadbbcadef60

Headers

File Characteristics

Imports

kernel32

lz32

advapi32

msvcrt

winmm

Sections

.textbss Size: 43KB - Virtual size: 1.3MB

.text Size: 512B - Virtual size: 420B

.idata Size: 4KB - Virtual size: 3KB

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 512B - Virtual size: 76KB

.textbss
Size: 43KB - Virtual size: 1.3MB

.text
Size: 512B - Virtual size: 420B

.idata
Size: 4KB - Virtual size: 3KB

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 512B - Virtual size: 76KB