Static task
static1
Behavioral task
behavioral1
Sample
843307b9c9b4e1fc9dd454f92ffcff6c_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
843307b9c9b4e1fc9dd454f92ffcff6c_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
843307b9c9b4e1fc9dd454f92ffcff6c_JaffaCakes118
Size
359KB
MD5
843307b9c9b4e1fc9dd454f92ffcff6c
SHA1
2c25baaca4feb62bd714f8ce8575b77dd58b3c0d
SHA256
bb5f36cf210b1344cfba9e33adce52e289330a7736844224a5d64e1ecee3a638
SHA512
e2a73f617f79696ea01a296c5c84e94b75e1e0e417704feec4afd7d673dcdb8f3df62833a0fd508981716d3c7b0d745174b8b2de58cd68f8f0e28d742095c265
SSDEEP
6144:oJBTFnxfqx94VvcuBtjox79ItnrvFBb11Hq4tdKJ0VtfuIvflPqOz6gtzJvPfiO:cZxqIm9INrvFRjHq4TKqVR9nl1Ogt1vt
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 843307b9c9b4e1fc9dd454f92ffcff6c_JaffaCakes118
Files
843307b9c9b4e1fc9dd454f92ffcff6c_JaffaCakes118.exe windows:4 windows x86 arch:x86
9033cd7e4c4d6256652854fe10d0a1a0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
InterlockedIncrement
GetLastError
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
RaiseException
GetSystemDirectoryW
MoveFileW
SetFileAttributesW
LocalFree
Sleep
InterlockedExchange
CreateDirectoryExW
GetFileAttributesW
GetModuleHandleW
GetCommandLineW
lstrlenW
LoadLibraryExW
GetCurrentProcess
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapSetInformation
SetStdHandle
LoadLibraryA
HeapFree
HeapAlloc
LeaveCriticalSection
WriteFile
GetProcAddress
TlsSetValue
GetOEMCP
GetFileType
SetHandleCount
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetACP
GetModuleHandleA
InterlockedCompareExchange
GetVersionExW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoA
GetCommandLineA
VirtualProtect
VirtualFree
GetCurrentProcessId
VirtualAlloc
user32
TranslateMessage
GetMessageW
PostQuitMessage
DefWindowProcW
PostMessageW
DispatchMessageW
GetSystemMetrics
IsRectEmpty
ReleaseDC
GetDC
RegisterClassW
GetCursorPos
LoadStringW
GetActiveWindow
LoadCursorW
CreateWindowExW
advapi32
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegQueryValueExW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
RegSetValueExW
gdi32
GetStockObject
GetClipBox
ole32
CoTaskMemFree
msvcr71
wcsncmp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
__getmainargs
_acmdln
_ismbblead
_exit
_c_exit
_wtoi
_cexit
_XcptFilter
exit
_vsnwprintf
_controlfp
_except_handler3
_onexit
_lock
__dllonexit
_unlock
_wcsupr
wcschr
memcpy
_wcsicmp
wcstoul
iswalpha
_initterm
bsearch
_wcsnicmp
memset
free
_CxxThrowException
malloc
_amsg_exit
Sections
.text Size: 49KB - Virtual size: 48KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 265KB - Virtual size: 528KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sxdata Size: 512B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ