94b40a1c42fcb670af01c6258b04f432_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

94b40a1c42fcb670af01c6258b04f432_JaffaCakes118
Size

193KB
MD5

94b40a1c42fcb670af01c6258b04f432
SHA1

54095b5afc8dd1f6eea27b6f55f7974f1aeaba4c
SHA256

2be84b9a7d9554e4e935752f4a27a5c5ea4fba3b152481f0d5042cfd78f1bdc6
SHA512

944f2c0192bf43323dcc42a8db20ebc7e06f37c13cb24daf132776618e0b305207acddf337dfc9c6ff5f2833aa426abac7b42f96ee8c0b17fe56725093c21988
SSDEEP

768:jAvBkFFMkjlc/5Tj0PUckgU6zkNhcOptU2je12nkGW4T3n:j3FMxEgV6zlsUb2kCn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94b40a1c42fcb670af01c6258b04f432_JaffaCakes118

Files

94b40a1c42fcb670af01c6258b04f432_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3f15c2078c04eb859a8fcadbbcadef60

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
IsProcessorFeaturePresent
MoveFileA
LeaveCriticalSection
DeleteCriticalSection
CreateEventA
QueryPerformanceCounter
GetVersionExA
GetTickCount
SetEndOfFile
TlsSetValue
FlushFileBuffers
GetExitCodeThread
GetModuleFileNameA
ReadFileEx
TlsGetValue
MapViewOfFile
HeapFree
lstrcpyA
UnhandledExceptionFilter
WaitForSingleObjectEx
HeapAlloc
CreateFileA
CreateFileMappingA
ReleaseMutex
GetFileSize
ReadFile
VirtualFree
ReleaseSemaphore
SetThreadPriority
InitializeCriticalSection
OutputDebugStringA
CreateDirectoryA
FindFirstFileA
QueryPerformanceFrequency
RemoveDirectoryA
DebugBreak
LCMapStringW
CloseHandle
VirtualQuery
TlsAlloc
HeapDestroy
GetFileAttributesA
LoadLibraryA
lstrcmpA
GetCurrentThread
GlobalMemoryStatus
GetDriveTypeA
VirtualAlloc
GetUserDefaultLangID
ResetEvent
FindClose
FreeLibrary
GetCurrentProcess
GetLastError
UnmapViewOfFile
WaitForMultipleObjectsEx
CreateThread
GetSystemDefaultLangID
GetProcessHeap
InterlockedIncrement
GetOverlappedResult
CreateMutexA
GetSystemInfo
ReadProcessMemory
WaitForSingleObject
GlobalAlloc
GetDiskFreeSpaceA
TlsFree
SleepEx
lstrlenA
SetEvent
WriteFileEx
Sleep
TerminateProcess
GetProcAddress
GetCurrentThreadId
ExpandEnvironmentStringsA
DeleteFileA
SetFilePointer
FindNextFileA
GetLocalTime
WriteFile
CreateSemaphoreA
GetCurrentProcessId
IsValidLocale
HeapCreate
EnterCriticalSection
CopyFileA
GlobalFree

lz32

LZClose

advapi32

RegOpenKeyExA
RegDeleteValueA
RegCloseKey
RegQueryValueExA
ReportEventA
InitializeSecurityDescriptor
RegSetValueExA
SetSecurityDescriptorDacl
RegCreateKeyExA
RegisterEventSourceA
RegDeleteKeyA
DeregisterEventSource

msvcrt

_stricmp
_onexit
free
_adjust_fdiv
__dllonexit
fopen
_initterm
_strupr
swprintf
strpbrk
fprintf
_except_handler3
_strnicmp
_purecall
printf
_ultoa
rand
toupper
_itoa
wcslen
sprintf
vsprintf
strtok
strchr
isprint
atol
_iob
vprintf
_fullpath
fclose
strncpy
_ftol
strtoul
malloc
_ltoa
_snprintf
memmove
_splitpath
fflush
_makepath
_vsnprintf
time

winmm

auxSetVolume

Sections

.textbss
Size: 43KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 144KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3f15c2078c04eb859a8fcadbbcadef60

Headers

File Characteristics

Imports

kernel32

lz32

advapi32

msvcrt

winmm

Sections

.textbss Size: 43KB - Virtual size: 1.3MB

.text Size: 512B - Virtual size: 420B

.idata Size: 4KB - Virtual size: 3KB

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 144KB - Virtual size: 224KB

.textbss
Size: 43KB - Virtual size: 1.3MB

.text
Size: 512B - Virtual size: 420B

.idata
Size: 4KB - Virtual size: 3KB

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 144KB - Virtual size: 224KB