88f0695b532b24b89ee6ba7ab1f9e5f3_JaffaCakes118

General

Target

88f0695b532b24b89ee6ba7ab1f9e5f3_JaffaCakes118
Size

150KB
MD5

88f0695b532b24b89ee6ba7ab1f9e5f3
SHA1

a701338fb5b7d4a778591431b1690247236a4d20
SHA256

1bdb0a986595b61c6180e40bb26641386ef68b7e89cb32bf9d84af450cfa5945
SHA512

f1b27c30d1fcdd933cfed72034817e751d8d5a44a5772fd7adc4ce7bc77768913d90ddd7e5c39afa21c12479642cabc5bf9d8626ae2953a2dec3b4f43b1791f6
SSDEEP

3072:T5pX5D1RXbj24LFtf/vjYIaIZ2qD8T8abBWrt7j76rWR:Tn5pRXxLfvUaoT5bwZ76rW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88f0695b532b24b89ee6ba7ab1f9e5f3_JaffaCakes118

Files

88f0695b532b24b89ee6ba7ab1f9e5f3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

249342a7664c66aa0b46fcff93062647

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
GetFileAttributesA
FindFirstChangeNotificationA
DeleteFileA
CopyFileA
CreateDirectoryA
ResetEvent
WaitForMultipleObjects
InterlockedCompareExchange
InterlockedDecrement
GetVolumeInformationA
QueryPerformanceCounter
GetSystemTime
GetLocalTime
CreateFileW
GetModuleHandleA
MoveFileExA
GetDateFormatA
FreeResource
SizeofResource
LoadResource
GetSystemDirectoryW
CreateEventA
GlobalMemoryStatus
LeaveCriticalSection
FileTimeToSystemTime
HeapWalk
HeapReAlloc
HeapAlloc
HeapCreate
HeapFree
CreateProcessW
Sleep
GetTickCount
FreeLibrary
LoadLibraryA
GetProcAddress
GetCurrentThreadId
GetModuleHandleW
GetCommandLineW
MoveFileW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

msvcr71

_XcptFilter
_onexit
__dllonexit
strchr
strncmp
fclose
fread
fseek
fopen
exit
calloc
free
malloc
_c_exit
_exit
_controlfp
_cexit
__p___initenv
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3

Exports

Exports

aemlxvbwlbj
eknvcljcsm
fycgeuwzmwozfag
mwtglvxfmxhu
rgmikqzzuvykamgcfsau
tdtwwaogszdqxejxccxqgh
tgukahxs
ujigectszskujimu

Sections

.text
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

249342a7664c66aa0b46fcff93062647

Headers

File Characteristics

Imports

kernel32

version

msvcr71

Exports

Exports

Sections

.text Size: 62KB - Virtual size: 61KB

.rdata Size: 25KB - Virtual size: 24KB

.data Size: 57KB - Virtual size: 72KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 62KB - Virtual size: 61KB

.rdata
Size: 25KB - Virtual size: 24KB

.data
Size: 57KB - Virtual size: 72KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 3KB - Virtual size: 2KB