8623f728b0f9742516753df0f4c19a2c_JaffaCakes118

General

Target

8623f728b0f9742516753df0f4c19a2c_JaffaCakes118
Size

192KB
MD5

8623f728b0f9742516753df0f4c19a2c
SHA1

1e35fd79230f99904033d087d31188d387e2d0ce
SHA256

f73e4f56874f6d7811eaec7c5a10b9d8646c015a29641d790e78c85758a86baf
SHA512

5dd212a5246024f5e19122843bbb7b881820dc6e1200bafbc9404e8a25154e78d1f7133814e9ad20904202e43bc068fad8e901f533b7e8faddbd25c1526ae0aa
SSDEEP

3072:WeFnWb4yr3vUh2/hAB06bascVOp4LJUq7iv82tyeGwT6Fp6YYK7x:pFnWb4yr3vUhu6ncVWs98GwTop6YY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8623f728b0f9742516753df0f4c19a2c_JaffaCakes118

Files

8623f728b0f9742516753df0f4c19a2c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5dec95b4a16462f1904c43621f185885

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA

user32

CharNextA
GetActiveWindow
FlashWindow

msvcrt

_controlfp
??1type_info@@UAE@XZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
strncpy
strstr
strrchr
strncmp
srand
memmove
memset
_except_handler3
malloc
_callnewh
memcpy
tolower
_ftol
rand
__CxxFrameHandler
_strlwr
_strrev
_itoa

kernel32

SetFileAttributesA
RaiseException
InterlockedExchange
LocalAlloc
FreeLibrary
GetStartupInfoA
GetCurrentThreadId
GetCommandLineA
SetUnhandledExceptionFilter
ExpandEnvironmentStringsA
GetShortPathNameA
CreateEventA
WaitForSingleObject
SleepEx
GetTickCount
MoveFileA
GetTempPathA
GetCurrentDirectoryA
FindResourceA
SizeofResource
LoadResource
LockResource
GetModuleFileNameA
CreateFileA
WriteFile
FreeResource
ExitProcess
GetModuleHandleA
Sleep
GetProcAddress
GetCurrentThread
GetCurrentProcessId
LoadLibraryA
GetSystemDirectoryA
lstrcatA
CloseHandle
GetCurrentProcess
GetLastError
CreateDirectoryA
GetFileAttributesA
DeleteFileA

ws2_32

closesocket

Sections

..,...Te
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5dec95b4a16462f1904c43621f185885

Headers

File Characteristics

Imports

shell32

user32

msvcrt

kernel32

ws2_32

Sections

..,...Te Size: 16KB - Virtual size: 12KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 164KB - Virtual size: 164KB

.rsrc Size: 4KB - Virtual size: 3KB

..,...Te
Size: 16KB - Virtual size: 12KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 164KB - Virtual size: 164KB

.rsrc
Size: 4KB - Virtual size: 3KB