47e0d5c361c1c773283c5c05ed95f0cc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

47e0d5c361c1c773283c5c05ed95f0cc_JaffaCakes118
Size

580KB
MD5

47e0d5c361c1c773283c5c05ed95f0cc
SHA1

c1a5d60adfd67de0730cfee689057242b6d4def9
SHA256

c3437a8663b7ba396f511654b630232a4c2cc704a29b0eb342f41b791c512239
SHA512

a01f3349c91c4efa0e7f1295e21122a4e03d0bb9fe3fae35ace940652c25f3c94a393eda78631fe56d7a6aae4bc5e82430b1af6312d13c4260d04d4791fe7ee8
SSDEEP

12288:v80Ey05dcZ1d4m3cBAFx20QbVO3sUn9e:v8Ryi+Z1PcBUg5bVO3sU9e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47e0d5c361c1c773283c5c05ed95f0cc_JaffaCakes118

Files

47e0d5c361c1c773283c5c05ed95f0cc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e6a92752a32b06ab497bc6832757b973

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
GetCurrentProcess
WaitForSingleObject
FreeEnvironmentStringsA
GetEnvironmentStrings
Sleep
SizeofResource
GetFileAttributesA
GetLastError
GetProcAddress
CopyFileA
LoadLibraryA
LockResource
DeleteFileA
FreeLibrary
IsBadWritePtr
GetExitCodeThread
GetSystemInfo
GetModuleHandleA
ResumeThread
ExitProcess
SetEvent
GetTickCount
CreateEventA
LocalAlloc
GetModuleFileNameA
CloseHandle
CreateThread
MultiByteToWideChar
IsBadReadPtr
FindResourceA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
HeapFree
HeapAlloc
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
FindNextFileA
ExitThread
GetCurrentThreadId
FindClose
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
CreateDirectoryA
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetDriveTypeA
GetFullPathNameA
GetModuleHandleW
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
WriteFile
GetStdHandle
HeapSize
LCMapStringA
WideCharToMultiByte
LCMapStringW
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetTimeZoneInformation
CompareStringA
CompareStringW
ReadFile
SetFilePointer
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CreateFileA

shell32

SHGetFolderPathA
ord680

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 453KB - Virtual size: 452KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6a92752a32b06ab497bc6832757b973

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 102KB - Virtual size: 101KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 453KB - Virtual size: 452KB

.text
Size: 102KB - Virtual size: 101KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 453KB - Virtual size: 452KB