75d15f552aba5ed0df80ec2c16ab683e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

75d15f552aba5ed0df80ec2c16ab683e_JaffaCakes118
Size

519KB
MD5

75d15f552aba5ed0df80ec2c16ab683e
SHA1

4fd46c30fb1b6f5431c12a38430d684ed1ff5a75
SHA256

a1176b60ca96cfeb37dde61bde935f645a64fabd8e300f072fc355434b711dcf
SHA512

7816bab7f731295d33584c8e59bab5fe5c2b0971be4e99fb3660cd7fdcd37ea06e65c53ead9c41128e0cd8d3d1587899ccf6d884b3d899e7d2d84cfa9f5ffcff
SSDEEP

12288:4px6vesG6rDO9Gak6Ou1EGLmeJ1LPR6dnDi8f:WwDO9Vkzu1/dOnD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75d15f552aba5ed0df80ec2c16ab683e_JaffaCakes118

Files

75d15f552aba5ed0df80ec2c16ab683e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

74c7b7987d5b8d910743cca1da61a038

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\projects\archive-access\ArchiveAccess-9.20-2011-10-21\MSVC 2010\Release\ArchiveAccessTest.pdb

Imports

kernel32

ReadFile
SetFilePointerEx
WriteFile
SetFilePointer
GetFileSize
CreateFileW
GetFileTime
GetFileAttributesW
CloseHandle
FileTimeToSystemTime
GetVersionExW
LocalFileTimeToFileTime
VirtualAlloc
VirtualFree
MultiByteToWideChar
WideCharToMultiByte
CompareFileTime
DosDateTimeToFileTime
FileTimeToDosDateTime
SystemTimeToFileTime
GetSystemTime
GetSystemInfo
GlobalMemoryStatus
GetProcAddress
GetModuleHandleW
FileTimeToLocalFileTime
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
WaitForMultipleObjects
GetLastError
WaitForSingleObject
CreateEventW
SetEvent
ResetEvent
CreateSemaphoreW
ReleaseSemaphore
InitializeCriticalSection
EncodePointer
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RtlUnwind
RaiseException
HeapAlloc
HeapFree
ExitThread
CreateThread
HeapReAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
Sleep
HeapSize
ExitProcess
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
HeapCreate
HeapDestroy
GetSystemTimeAsFileTime
GetLocaleInfoW
FatalAppExitA
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale

user32

CharPrevExA
CharUpperW
CharToOemW

oleaut32

SysAllocStringByteLen
SysAllocString
VariantCopy
VariantClear
SysFreeString

Sections

.text
Size: 331KB - Virtual size: 330KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 137KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

74c7b7987d5b8d910743cca1da61a038

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

oleaut32

Sections

.text Size: 331KB - Virtual size: 330KB

.rdata Size: 49KB - Virtual size: 49KB

.data Size: 137KB - Virtual size: 1.2MB

.text
Size: 331KB - Virtual size: 330KB

.rdata
Size: 49KB - Virtual size: 49KB

.data
Size: 137KB - Virtual size: 1.2MB