653b672598e2efcc038c1c83f119b779_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

653b672598e2efcc038c1c83f119b779_JaffaCakes118
Size

147KB
MD5

653b672598e2efcc038c1c83f119b779
SHA1

c3e605c8c6e5387ebf9c77c0847ec20d2fe21beb
SHA256

1878ad3234751a9d11adffbe4e0aebc31d93c9d175b33ae6324e5794b36382e8
SHA512

d2ac41ae11528a94c7df9021100544b4528743f604c36e8328d50d402deed0c2c1a45acd039cb9e568dea52cf690ae529c72bdfdb1501230e00d637b434ea38b
SSDEEP

1536:C1Nwtcbbu0uzJjJ3KAY4sLYXqF9FQ3mRKVgnx9wLj74U+Yx+Lm/7:C1Nw70uN9aN0aRQ24gx9c3CYem/7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
653b672598e2efcc038c1c83f119b779_JaffaCakes118

Files

653b672598e2efcc038c1c83f119b779_JaffaCakes118
.exe windows:1 windows x86 arch:x86

3fa9ccb0261e2b70160584f08e547f55

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_unloaddll
_heapset
_strnicoll
_adj_fdivr_m32
wcstol
_snwprintf
_controlfp
_spawnlp
_wsetlocale
_safe_fdivr
fputs
_mbscmp
__getmainargs
_wfindfirst
strncat
_getdllprocaddr
strtok
_wsopen
_locking
_mbbtype
_putch
_except_handler3
_wexecve
_acmdln
_safe_fprem
_atodbl
_wspawnlp
memcpy
_safe_fprem1
_copysign
_wspawnlpe
_commit
iswgraph
tmpfile
longjmp
isspace
printf
_fcvt
_pgmptr
_initterm
_aexit_rtn
_utime
__p__fmode
_mbctokata
__setusermatherr
_mbsncpy
isalnum
_strerror
toupper
_dup
_mbcjmstojis
_wtof
_fileno
strrchr
frexp
wcschr
_ismbbprint
_adj_fprem
_aligned_offset_realloc
_wmkdir
_wfopen
fgetwc
abort
feof
_setmode
_wtol
_mbsnextc
_wcstoi64
exit
_mbsbtype
_set_sbh_threshold
_wspawnvp
_getdrives
sscanf
_getmbcp
_wsplitpath
_strnset
time
_mbsrchr
getwc
_ismbckata
_mbscpy
_exit
_fputchar
_ismbbkprint
__p__commode
_unlock
_mbsinc
_get_heap_handle
_ismbslead
_getpid
mbtowc
gmtime
_mbscspn
vwprintf
wcsncat
_longjmpex
_mbsset
_atoldbl
_heapchk
strcpy
_ismbchira
_wgetdcwd
_XcptFilter
wcstombs
localeconv
_callnewh
strcat
_getmaxstdio
_wstati64
_spawnle
iswxdigit
_findnext
_finite
cos
_cabs
wcscmp
_wasctime
_iob
srand
strcoll
getchar
_wutime
_wrename
_safe_fdiv
_wfindnext64
_setjmp
_rotr
fsetpos
strxfrm
_ismbbpunct
_vsnprintf
wcsncmp
_stricoll
vfprintf
_ftol
_wenviron
_fdopen
_adjust_fdiv
_wchmod
isalpha
_timezone
exp
_fullpath
strcmp
swscanf
_control87
_wmakepath
_swab
memchr
_beep
qsort
_mbsnbcpy
_aligned_realloc
wcsncpy
__set_app_type
_rmdir

kernel32

GetTickCount
Sleep
FileTimeToSystemTime
SetErrorMode
FreeEnvironmentStringsW
SetLastError
CloseHandle
GetSystemDirectoryA
lstrcmpA
TerminateThread
HeapReAlloc
DuplicateHandle
WaitForMultipleObjects
SearchPathA
GetModuleHandleW
RaiseException
GetCurrentThreadId
TlsAlloc
FlushFileBuffers
HeapSize
MulDiv
GetProcAddress
GetNumberFormatA
Module32First
GetStartupInfoA
SetPriorityClass
GetComputerNameW
LockResource
ResumeThread
GetExitCodeThread
LeaveCriticalSection
SetUnhandledExceptionFilter
SetThreadAffinityMask
HeapCreate
GetCurrentProcess
CreateThread
TlsGetValue
GetModuleHandleA
UnmapViewOfFile
GlobalAddAtomA
FindResourceA
InterlockedIncrement
GetSystemTimeAsFileTime
FindClose
WriteFile
CreateFileA
GetStdHandle
CreateProcessA
LoadLibraryA
GetLastError
GlobalReAlloc
IsDebuggerPresent
WriteConsoleW
GetCurrentDirectoryA
MapViewOfFile
InitializeCriticalSection
OpenProcess
lstrlenA
GetEnvironmentStringsW
GetEnvironmentVariableA
GetConsoleMode
SetEndOfFile
GlobalMemoryStatus
WideCharToMultiByte
GetProcessAffinityMask
HeapFree
ExitThread
CreateFileMappingA
GetVersionExA
ExitProcess
HeapAlloc
VirtualFree
SetProcessWorkingSetSize
DeleteFileA
ReadProcessMemory
GetVersion
InterlockedExchange
GetProcessHeap
GetFileType
FreeEnvironmentStringsA
GetLocaleInfoA
TlsFree
GetFileAttributesA
SetEvent
GetProcessWorkingSetSize
GlobalLock
LocalAlloc
MultiByteToWideChar
LoadLibraryW
CreateToolhelp32Snapshot
Module32Next
IsBadReadPtr
GlobalAlloc
lstrcpynA
VirtualQueryEx
FindFirstFileA
GetConsoleCP

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 85B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3fa9ccb0261e2b70160584f08e547f55

Headers

File Characteristics

Imports

msvcrt

kernel32

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 131KB - Virtual size: 130KB

.data Size: 512B - Virtual size: 85B

.rsrc Size: 512B - Virtual size: 284B

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 131KB - Virtual size: 130KB

.data
Size: 512B - Virtual size: 85B

.rsrc
Size: 512B - Virtual size: 284B