59d3336174a6f429bf915437d9f3d612_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

59d3336174a6f429bf915437d9f3d612_JaffaCakes118
Size

340KB
MD5

59d3336174a6f429bf915437d9f3d612
SHA1

6acbe2fc4e3e2ad3925a70ee9ca2120beedbdbd8
SHA256

8688b7a248fd02194bc8dc97b752d546d4c72778a4a86024f90a8307fe082a72
SHA512

47fc3ff0d531d3215ba6ba34de7ef961bb67c326775ff12d4ddb1620e60a27b597cc0959de5ff4adfa0d87cd5416cb45e9f01094c52d0bb2d421d3405f89282c
SSDEEP

6144:vAyBCP4AMXczo5gtiQWGVARqXaMqtWoSeFytpcwg/79zv09WuFNO/:Y+CP4tyntiQTVAkPqtWoSeFy7IBT0xFc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59d3336174a6f429bf915437d9f3d612_JaffaCakes118

Files

59d3336174a6f429bf915437d9f3d612_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6fba374d1ceba2452dc94a53bbaf3004

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
InterlockedDecrement
MultiByteToWideChar
lstrlenA
CompareStringW
HeapAlloc
InterlockedExchange
Sleep
InterlockedCompareExchange
GetProcessHeap
HeapFree
lstrlenW
WideCharToMultiByte
GetSystemDefaultLangID
LockResource
GetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStringTypeExW
GetSystemTimeAsFileTime
CloseHandle
CreateFileW
EnterCriticalSection
CreateFileMappingW
MapViewOfFile
GetCurrentProcess
IsWow64Process
WriteFile
UnmapViewOfFile
LCMapStringW
CreateEventW
lstrcmpW
ResetEvent
WaitForSingleObject
HeapCreate
DeleteCriticalSection
lstrcpynW
LoadLibraryExW
FindResourceW
LoadResource
FreeLibrary
SizeofResource
lstrcmpiW
GetModuleHandleA
LeaveCriticalSection
GetStartupInfoA
InterlockedIncrement
VirtualProtect
GlobalFree
GetCommandLineA
GetFileSize
GlobalAlloc

user32

CharToOemW
LoadStringW
CharNextW

advapi32

RegDeleteValueW
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyW
RegSetValueExW

ole32

CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc

msvcr71

printf
__p__fmode
__p__commode
_controlfp
_onexit
_except_handler3
free
malloc
memset
_XcptFilter
__dllonexit
_adjust_fdiv
_initterm
memmove
wcstombs
_wtoi
wcsncpy
swscanf
iswspace
iswxdigit
towupper
_ui64tow
wcslen
__setusermatherr
_wfopen
ftell
_CxxThrowException
fseek
fread
fclose
_c_exit
_exit
_ismbblead
_cexit
exit
_acmdln
_amsg_exit
__getmainargs
__set_app_type

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 555KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6fba374d1ceba2452dc94a53bbaf3004

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcr71

Sections

.text Size: 51KB - Virtual size: 50KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 280KB - Virtual size: 555KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 51KB - Virtual size: 50KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 280KB - Virtual size: 555KB

.rsrc
Size: 5KB - Virtual size: 4KB