83f27cc86904e1edabd5ef2a272619a5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

83f27cc86904e1edabd5ef2a272619a5_JaffaCakes118
Size

92KB
MD5

83f27cc86904e1edabd5ef2a272619a5
SHA1

bc78d5678679a7e5efb87c0de478598a9fc7e86e
SHA256

c67f907e667ac8b29202b22d5563ba9a1980ba449682b4c2754b087158149b28
SHA512

de88e1a68ee659e704847bceea50e09209706621ea7973c6d01e2d457abff59f6477b21f09ca0f9e8f7c14edea51897cf4e1dae7ff4f30286f3186e60e494e5d
SSDEEP

1536:gxiU0OQLiCdx7ACYJnHW+vyPnAjiecsq/5bIGiau6b+RyST9NGS5uAgwRO7m:Id0OQLfdlAbn22yefcsq/1IFl6Z89N4Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83f27cc86904e1edabd5ef2a272619a5_JaffaCakes118

Files

83f27cc86904e1edabd5ef2a272619a5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e5f805e2ef68a7807d552c95171f86cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
strlen
time
strstr
memset
fopen
printf
sprintf
exit
strcat
strcpy
fclose
fread
fgetc
fseek
ftell

kernel32

GetStartupInfoA
GetModuleHandleA
GetSystemDirectoryA
lstrlenA
lstrcpyA
lstrcatA
Process32Next
GetCurrentProcessId
Process32First
CreateToolhelp32Snapshot
DeleteFileA
Sleep
GetPrivateProfileIntA
WritePrivateProfileStringA
GetTickCount
GetModuleFileNameA
WinExec
CloseHandle
WriteFile
CreateFileA
MoveFileA
VirtualProtect

user32

SystemParametersInfoA
EnumWindows
PostMessageA
CharUpperA
ActivateKeyboardLayout
GetKeyboardLayoutList

advapi32

RegQueryValueExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA

shell32

SHGetSpecialFolderPathA

imm32

ImmInstallIMEA

Sections

.text
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dsf0
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.dsf1
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e5f805e2ef68a7807d552c95171f86cc

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

shell32

imm32

Sections

.text Size: - Virtual size: 2KB

.rdata Size: - Virtual size: 1KB

.data Size: - Virtual size: 118KB

.rsrc Size: 4KB - Virtual size: 1KB

.dsf0 Size: - Virtual size: 16KB

.dsf1 Size: 80KB - Virtual size: 78KB

.reloc Size: 4KB - Virtual size: 48B

.text
Size: - Virtual size: 2KB

.rdata
Size: - Virtual size: 1KB

.data
Size: - Virtual size: 118KB

.rsrc
Size: 4KB - Virtual size: 1KB

.dsf0
Size: - Virtual size: 16KB

.dsf1
Size: 80KB - Virtual size: 78KB

.reloc
Size: 4KB - Virtual size: 48B