72875c762d5755ecb2ad61469d3cbd74_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

72875c762d5755ecb2ad61469d3cbd74_JaffaCakes118
Size

978KB
MD5

72875c762d5755ecb2ad61469d3cbd74
SHA1

e92a75e37a1094258fa476cfe66a0b24874d6e31
SHA256

e6dd117fcfa2b01850e0cf1da68fb8ee90b193ea02b69f5a2ba154b551114e98
SHA512

6d1d1d4d518e9b6c695363e93944499307433966cda20f16bc62f3cc09383ed1d3043a7468abee69e27b67339db266c56608d120575998f0c93dd089ef0b3621
SSDEEP

24576:lXdMnfxw70nOqqMledCE+Ers4PzEb2RKWQXOxX4:lXOn6ZqDar/zgEX4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72875c762d5755ecb2ad61469d3cbd74_JaffaCakes118

Files

72875c762d5755ecb2ad61469d3cbd74_JaffaCakes118
.exe windows:5 windows x86 arch:x86

af75cd0b79ffd679fb32baf0eab7b39c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_adjust_fdiv
_XcptFilter
??2@YAPAXI@Z
_purecall
_except_handler3
atoi
_vsnwprintf
??1type_info@@UAE@XZ
_wcslwr
wcsstr
__winitenv
__dllonexit
wcsrchr
strncmp
vwprintf
_wcsnicmp
_iob
__set_app_type
wcslen
_snwprintf
memset
_wcsicmp
_controlfp
_CxxThrowException
realloc
fputs
_onexit
_vsnprintf
exit
_exit
strchr
qsort
free
??3@YAXPAX@Z
_snprintf
iswspace
__CxxFrameHandler
_itoa
_cexit
_c_exit
?terminate@@YAXXZ
__p__fmode
__setusermatherr
_itow
_initterm
__p__commode
__wgetmainargs

user32

CharNextW
CharNextA
wsprintfW

imagehlp

ImageDirectoryEntryToData
ImageNtHeader
ImageGetDigestStream
ImageRvaToVa

kernel32

GetACP
GetFullPathNameA
lstrlenW
GetThreadLocale
InterlockedCompareExchange
InterlockedExchange
ReadFile
BeginUpdateResourceW
FindClose
IsDebuggerPresent
lstrcmpiA
GetOEMCP
lstrcpyA
FindNextFileW
CloseHandle
InterlockedDecrement
GetEnvironmentVariableA
ExitProcess
GetLocaleInfoA
RemoveDirectoryW
CopyFileA
EndUpdateResourceW
GetModuleHandleW
GetSystemDirectoryA
OutputDebugStringA
GetFileAttributesA
GetFileAttributesW
GetVersionExW
CopyFileW
GetFileInformationByHandle
GlobalFree
LoadLibraryExA
LocalFree
LoadLibraryExW
WideCharToMultiByte
lstrlenA
SetFilePointer
InterlockedIncrement
DebugBreak
FreeResource
FreeLibrary
GetVersion
GlobalAlloc
RaiseException
UpdateResourceW
RemoveDirectoryA
GetFullPathNameW

shell32

CommandLineToArgvW

msvfw32

ICGetInfo
ICRemove

ole32

CoCreateInstance
CoUninitialize
CoTaskMemFree
CLSIDFromString
CoInitialize
StringFromCLSID
StringFromIID

Sections

.text
Size: 708KB - Virtual size: 707KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af75cd0b79ffd679fb32baf0eab7b39c

Headers

File Characteristics

Imports

msvcrt

user32

imagehlp

kernel32

shell32

msvfw32

ole32

Sections

.text Size: 708KB - Virtual size: 707KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 252KB - Virtual size: 251KB

.rsrc Size: 14KB - Virtual size: 3.2MB

.text
Size: 708KB - Virtual size: 707KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 252KB - Virtual size: 251KB

.rsrc
Size: 14KB - Virtual size: 3.2MB