45a05e29498096a4c9b028780ef0a5b4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

45a05e29498096a4c9b028780ef0a5b4_JaffaCakes118
Size

112KB
MD5

45a05e29498096a4c9b028780ef0a5b4
SHA1

af12b13a1617331038a0dd5ec8418a5154be3595
SHA256

142a915b9e2273884971d37f503b2a4119c8b4ff70aecfc9b7f2bba9d333726c
SHA512

f02649fa84adf34d823b372ec1f34e60b4aceab2fa6f94a2c7bc6cbe8e720f4fa718e3ef4711d8b46b80c0b0e352983c6ec02b4420a86fd14557dd83ef88da34
SSDEEP

1536:zdhoMYY0HmP2A3EypudzLCAfYJqS/YCmrgF2y0gJvqr9PxDtE:X0HBA3EyA9CAfYPYRrO0gJu9ZDtE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45a05e29498096a4c9b028780ef0a5b4_JaffaCakes118

Files

45a05e29498096a4c9b028780ef0a5b4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9f6bf48a665172e206659c0f2d7618c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
_lclose
_llseek
OpenFile
GetWindowsDirectoryA
Sleep
GetPrivateProfileStringA
GetModuleFileNameA
GetPrivateProfileIntA
_lwrite
LoadLibraryA
FreeLibrary
DeleteFileA
GetCurrentDirectoryA
SetCurrentDirectoryA
FormatMessageA
GetLastError
FindFirstFileA
FindNextFileA
FindClose
GetProcAddress
SetFileApisToOEM
GetVersionExA
GetExitCodeProcess
WaitForSingleObject
WideCharToMultiByte
GetFullPathNameA
GetLocalTime
GetSystemTime
HeapAlloc
HeapFree
MultiByteToWideChar
CloseHandle
DuplicateHandle
GetCurrentProcess
HeapReAlloc
ExitProcess
TerminateProcess
SetStdHandle
GetFileType
CreatePipe
MoveFileA
SetHandleCount
GetStdHandle
GetStartupInfoA
SetConsoleCtrlHandler
RtlUnwind
GetCommandLineA
GetVersion
GetCPInfo
_lread
GetOEMCP
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
ReadFile
FlushFileBuffers
WriteFile
SetEnvironmentVariableW
SetEnvironmentVariableA
GetDriveTypeA
IsBadReadPtr
GetTimeZoneInformation
SetFilePointer
GetFileAttributesA
CreateFileA
GetCurrentProcessId
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEndOfFile
SetUnhandledExceptionFilter
FileTimeToLocalFileTime
IsBadWritePtr
IsBadCodePtr
LCMapStringA
LCMapStringW
GetLocaleInfoA
GetLocaleInfoW
CreateProcessA
FileTimeToSystemTime
SetFileTime
GetFileInformationByHandle
PeekNamedPipe
SetFileAttributesA
LocalFileTimeToFileTime
SystemTimeToFileTime
CreateDirectoryA
RemoveDirectoryA

user32

CharToOemA

p2xdll

CreateCPerl
PerlGetVersion
InitDLLData

Sections

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f6bf48a665172e206659c0f2d7618c7

Headers

File Characteristics

Imports

kernel32

user32

p2xdll

Sections

.text Size: 67KB - Virtual size: 66KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 20KB

.idata Size: 3KB - Virtual size: 2KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 67KB - Virtual size: 66KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 20KB

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 23KB - Virtual size: 23KB