a9ce69101e2e0bee8aa4538bbd6abb86_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a9ce69101e2e0bee8aa4538bbd6abb86_JaffaCakes118
Size

728KB
MD5

a9ce69101e2e0bee8aa4538bbd6abb86
SHA1

9529d8f8a27ec10e73d61ee989d312a8c1fb833f
SHA256

4f822154830f35890fc51357f6140f24f3e5e66b08879f5dbeb2ba77075f7dbf
SHA512

2fbba1d6c2eaf59959be514e6aace929d22a0fb9ffccfb3c0f0a84c807b5b14063befc3b8177124d87a1f7b38f75db15c81cb1aec15f5f12c3a5a92bbc6c0748
SSDEEP

12288:QcDJ0fYgbuMZmpxj+5P2T9CjVuzYk+FizqLnqVfg2:Bgbude5Pq9CjVaqTqVl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a9ce69101e2e0bee8aa4538bbd6abb86_JaffaCakes118

Files

a9ce69101e2e0bee8aa4538bbd6abb86_JaffaCakes118
.exe windows:4 windows x86 arch:x86

881e03c327d966b007f7a826da361095

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsCharAlphaNumericA
wsprintfA

oleaut32

VariantClear
VariantInit
GetErrorInfo
SetErrorInfo
VariantChangeType
SysFreeString
CreateErrorInfo

gdi32

DeleteDC
CreateDCA
CreateCompatibleDC
GetDeviceCaps
CreateCompatibleBitmap
SelectObject
GetObjectA
BitBlt
GetBitmapBits
DeleteObject

ws2_32

shutdown
WSAGetLastError
recv
WSASetLastError
send
closesocket

msvcrt

memchr
_ftol
_isctype
_errno
fwrite
fflush
_setmode
ftell
fseek
getenv
_except_handler3
gmtime
_getch
fputs
signal
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
??1type_info@@UAE@XZ
_controlfp
__mb_cur_max
_pctype
tolower
abort
bsearch
strerror
realloc
memmove
qsort
strncmp
time
_CxxThrowException
fread
srand
toupper
_iob
fprintf
_splitpath
strtok
sscanf
_strlwr
??2@YAPAXI@Z
_vsnprintf
__CxxFrameHandler
strncpy
malloc
memcpy
free
strchr
strlen
atoi
strstr
rand
sprintf
strncat
strcat
fopen
fgets
fclose
system
strcmp
memset
_snprintf
strcpy
_strdup
_fileno
_stat
localtime
strtoul

kernel32

GetCurrentProcessId
FreeLibrary
QueryPerformanceCounter
FlushConsoleInputBuffer
GetStdHandle
GetStartupInfoA
TerminateThread
GetFileAttributesA
SetFileTime
GetWindowsDirectoryA
GetCurrentThreadId
SetLastError
lstrlenW
RemoveDirectoryA
FindFirstFileA
FindNextFileA
FindClose
LocalAlloc
LocalFree
CreateMutexA
ReleaseMutex
GetModuleFileNameA
ExpandEnvironmentStringsA
lstrlenA
lstrcmpA
lstrcpynA
lstrcpyA
lstrcatA
GetCurrentThread
GetCurrentProcess
TerminateProcess
OpenProcess
GetModuleHandleA
GetProcAddress
LoadLibraryA
GetLocaleInfoA
GetVersionExA
GetSystemDirectoryA
GetDateFormatA
GetTimeFormatA
GlobalMemoryStatus
GetLogicalDriveStringsA
GetDiskFreeSpaceExA
GetDriveTypeA
CreateFileA
ExitThread
WriteFile
CreateProcessA
lstrcmpiA
GetTempPathA
CreateThread
GetLastError
Sleep
SetFileAttributesA
CopyFileA
MoveFileA
DeleteFileA
WaitForSingleObject
CloseHandle
GetTickCount
ExitProcess
GetFileTime

Sections

.text
Size: 557KB - Virtual size: 556KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 487KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

881e03c327d966b007f7a826da361095

Headers

File Characteristics

Imports

user32

oleaut32

gdi32

ws2_32

msvcrt

kernel32

Sections

.text Size: 557KB - Virtual size: 556KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 60KB - Virtual size: 487KB

.idata Size: 5KB - Virtual size: 4KB

.reloc Size: 32KB - Virtual size: 32KB

.text
Size: 557KB - Virtual size: 556KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 60KB - Virtual size: 487KB

.idata
Size: 5KB - Virtual size: 4KB

.reloc
Size: 32KB - Virtual size: 32KB