673bba1f1c9a805397cac9d13f17c0e4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

673bba1f1c9a805397cac9d13f17c0e4_JaffaCakes118
Size

83KB
MD5

673bba1f1c9a805397cac9d13f17c0e4
SHA1

9f507a76c972613901ff4e7b0d112ee832dee1cf
SHA256

27ea25e2e1e3bc18b27b0694d04a4171a3e7a11313fdf2d19044fbf8531fbcf2
SHA512

52e3677f84159fda8a8fd2d73c44a7343dbe5f96b7d98f1e11285cb103726cd3ece1880f679b8979231e9c21361de87c1e7507a093dd11fa0faf2d459c9fba79
SSDEEP

1536:b53FMaON7D9Sd7ItcrfyzB/2jNHbzt0mni/zjZ1dN:d387D9rtCazB/Kt0Aand

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
673bba1f1c9a805397cac9d13f17c0e4_JaffaCakes118

Files

673bba1f1c9a805397cac9d13f17c0e4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4376ac382c1119d01faf4f463e335b9b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExA
ReportEventA
RegDeleteKeyA
RegDeleteValueA
InitializeSecurityDescriptor
RegisterEventSourceA
RegOpenKeyExA
DeregisterEventSource
RegCreateKeyExA
RegCloseKey
SetSecurityDescriptorDacl
RegQueryValueExA

msvcrt

_except_handler3
_chdir
_ultoa
strncpy
_adjust_fdiv
_itoa
_initterm
vprintf
printf
_splitpath
_stricmp
fflush
isprint
time
free
strpbrk
vsprintf
_ltoa
_strupr
fprintf
_beginthread
_iob
atol
toupper
strtoul
_purecall
strtok
exit
_vsnprintf
fclose
swprintf
fopen
wcslen
_onexit
_snprintf
strchr
_makepath
rand
_beep
_ftol
sprintf
_strnicmp

kernel32

TlsAlloc
FlushFileBuffers
WaitForSingleObject
GetLocalTime
FindFirstFileA
GlobalMemoryStatus
lstrlenA
GetOverlappedResult
CreateEventA
ResetEvent
GetModuleHandleA
GetSystemDefaultLangID
TlsGetValue
CopyFileA
FindNextFileA
GetExitCodeThread
MoveFileA
LeaveCriticalSection
TlsFree
FindClose
CreateDirectoryA
DebugBreak
CreateFileMappingA
GetTickCount
QueryPerformanceFrequency
TerminateProcess
GetCurrentProcess
ReadFileEx
GetCurrentThread
LCMapStringW
DeleteFileA
QueryPerformanceCounter
GetFileAttributesA
VirtualAlloc
CreateFileA
GetSystemInfo
WaitForSingleObjectEx
CreateSemaphoreA
HeapAlloc
GetCurrentProcessId
HeapCreate
GetCurrentThreadId
DeleteCriticalSection
SetEvent
GetLastError
ReleaseSemaphore
lstrcpyA
SetThreadPriority
ReleaseMutex
GetProcAddress
HeapFree
IsProcessorFeaturePresent
GetModuleFileNameA
OutputDebugStringA
RemoveDirectoryA
ExpandEnvironmentStringsA
HeapDestroy
CloseHandle
GetFileSize
ReadFile
UnhandledExceptionFilter
Sleep
WriteFileEx
SleepEx
ReadProcessMemory
InitializeCriticalSection
GetDriveTypeA
LoadLibraryA
UnmapViewOfFile
IsValidLocale
WaitForMultipleObjectsEx
TlsSetValue
GlobalAlloc
GetProcessHeap
EnterCriticalSection
SetFilePointer
CreateThread
SetEndOfFile
GlobalFree
GetUserDefaultLangID
GetDiskFreeSpaceA
WriteFile
VirtualQuery
FreeLibrary
MapViewOfFile
CreateMutexA
GetVersionExA
VirtualFree
lstrcmpA
InterlockedIncrement

winmm

auxSetVolume

Sections

.textbss
Size: 77KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4376ac382c1119d01faf4f463e335b9b

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

msvcrt

kernel32

winmm

Sections

.textbss Size: 77KB - Virtual size: 1.2MB

.text Size: 512B - Virtual size: 472B

.idata Size: 4KB - Virtual size: 3KB

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 512B - Virtual size: 52B

.textbss
Size: 77KB - Virtual size: 1.2MB

.text
Size: 512B - Virtual size: 472B

.idata
Size: 4KB - Virtual size: 3KB

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 512B - Virtual size: 52B