5f428af185997818d043820c089822cd_JaffaCakes118

General

Target

5f428af185997818d043820c089822cd_JaffaCakes118
Size

197KB
MD5

5f428af185997818d043820c089822cd
SHA1

9843f90c187ee99d99ab73b39375c1ca9dea5ccd
SHA256

76451b3ae1b857d25f82579ba9f0104043ea9549d389f50d5834c91712cf43f3
SHA512

0e084ba362e677de315434504062a0d5c123cbe334cea75c7c3f8d6bf1648c53a494889c1ba7726d1959e38959bf0bd6b1d1c032235e7a6f82227ee9a9090e78
SSDEEP

3072:NyVD8wvyZWSww6Dpj+yU+xJsyb2MYKJhJBUIGus49T9dh:0DPvwj6DEytxH2MHJzBFH9T9d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f428af185997818d043820c089822cd_JaffaCakes118

Files

5f428af185997818d043820c089822cd_JaffaCakes118
.exe windows:1 windows x86 arch:x86

50ba6ea6e12816af76de67526c7691e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_exit
_makepath
_acmdln
_ui64tow
_fcloseall
_memicmp
_mbsnbicoll
_getcwd
fseek
atof
_controlfp
_except_handler3
_mbctombb
abort
memcpy
_close
_adj_fdivr_m64
__getmainargs
__p__fmode
_adjust_fdiv
__p__commode
_wchdir
_clearfp
__set_app_type
isspace
__setusermatherr
_i64toa
_wcslwr
_XcptFilter
exit
_initterm
_futime
_wcsnicmp
_mbsnset
_seh_longjmp_unwind
_toupper

kernel32

SetEvent
CreateToolhelp32Snapshot
GetCurrentProcess
GetProcessHeap
FormatMessageA
RaiseException
SetLastError
OpenEventA
TerminateThread
HeapCreate
LocalFree
HeapSize
GetACP
TerminateProcess
GetEnvironmentStringsW
GetStartupInfoA
HeapAlloc
VirtualQueryEx
CloseHandle
GetStringTypeA
GetModuleHandleA
WriteConsoleA
SetThreadAffinityMask
TlsAlloc
LeaveCriticalSection
GetConsoleMode
GlobalReAlloc
IsValidCodePage

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

daeqpks
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

50ba6ea6e12816af76de67526c7691e3

Headers

File Characteristics

Imports

msvcrt

kernel32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 161KB - Virtual size: 160KB

.data Size: 512B - Virtual size: 212KB

.rsrc Size: 31KB - Virtual size: 59KB

daeqpks Size: - Virtual size: 4KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 161KB - Virtual size: 160KB

.data
Size: 512B - Virtual size: 212KB

.rsrc
Size: 31KB - Virtual size: 59KB

daeqpks
Size: - Virtual size: 4KB