a580074b073ed8be8a5479cc9a41f2db_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a580074b073ed8be8a5479cc9a41f2db_JaffaCakes118
Size

208KB
MD5

a580074b073ed8be8a5479cc9a41f2db
SHA1

21563066aea06684e222ed3cd643e7f582b06c37
SHA256

aa92788522b246fb05f8c135ebfd4a095fba2b602019b7714f7355b6e841044c
SHA512

a5f117acc7f6c5aee79bd1ac29a3004594ea37d99ffbae96ff61b9da860ecf3b6a6cabbcb3cfbb5c1a2d8c1b05568d314b97f755f6d16ca92a7da50370ebbbdf
SSDEEP

3072:iTXZnXImIF9CCxP66cpzOox+00e0p3OiivbNog0k9:iTXZXn+9jQ6cp6eEnZR0W69

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a580074b073ed8be8a5479cc9a41f2db_JaffaCakes118

Files

a580074b073ed8be8a5479cc9a41f2db_JaffaCakes118
.exe windows:4 windows x86 arch:x86

41dac52ff3b36a0df88777e080eb3039

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLCID
OutputDebugStringA
GetVersionExW
GetSystemDefaultLCID
HeapDestroy
MultiByteToWideChar
GetComputerNameA
HeapReAlloc
GetCurrentThread
HeapAlloc
EnterCriticalSection
HeapFree
LeaveCriticalSection
GetModuleHandleW
HeapCompact
HeapCreate
InitializeCriticalSection
DeleteCriticalSection
FormatMessageW
WideCharToMultiByte
GetCommandLineW
GetCommandLineA
GetComputerNameW
GetModuleFileNameA
FormatMessageA
GetLastError
GetCurrentProcess
GetModuleFileNameW

msvcrt

_except_handler3
_controlfp
__p__commode
__set_app_type
__p__fmode
_initterm
_adjust_fdiv
__setusermatherr
exit
__getmainargs
__p___initenv
_exit
_XcptFilter
_purecall
memcmp
_CxxThrowException
_onexit
memcpy
wcscmp
_wcsicmp
_ltow
??1type_info@@UAE@XZ
wcsncmp
_wcsnicmp
strlen
strcpy
wcsncpy
__CxxFrameHandler
__dllonexit
_vsnwprintf
wcslen
strcmp
printf

ole32

CoCreateInstance
CoInitializeEx
CoUninitialize

oleaut32

SetErrorInfo
SysFreeString
GetErrorInfo
VariantClear

sqlresld

SQLUIUnloadResourceDLL
SQLUILoadResourceDLL

user32

LoadStringW
LoadStringA

advapi32

GetUserNameA
OpenThreadToken
LookupAccountSidW
GetTokenInformation
OpenProcessToken
GetUserNameW

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 332B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nrdata
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pypfjsv
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

41dac52ff3b36a0df88777e080eb3039

Headers

File Characteristics

Imports

kernel32

msvcrt

ole32

oleaut32

sqlresld

user32

advapi32

Sections

.text Size: 16KB - Virtual size: 14KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 332B

.rsrc Size: 4KB - Virtual size: 1KB

.nrdata Size: 96KB - Virtual size: 96KB

pypfjsv Size: 76KB - Virtual size: 76KB

.text
Size: 16KB - Virtual size: 14KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 332B

.rsrc
Size: 4KB - Virtual size: 1KB

.nrdata
Size: 96KB - Virtual size: 96KB

pypfjsv
Size: 76KB - Virtual size: 76KB