a9dad4792a270d2aa064086f8c3fadb8_JaffaCakes118

General

Target

a9dad4792a270d2aa064086f8c3fadb8_JaffaCakes118
Size

147KB
MD5

a9dad4792a270d2aa064086f8c3fadb8
SHA1

f9f045266635986049703be9b2983f268ef8d158
SHA256

edc309ca7bbe313d562e12d499f6130e305ef7cfefd605088eb6394cf4c08465
SHA512

39ddd183b0c9fba109fa5efd1a91c063850fb26b10bdab17ad2fc25af1bea1c7a8bd65bcc5f2c85b633c5bd3bd0b9c2b049cd3676ea02f14d47dee137113b543
SSDEEP

3072:HqrZE0E3hCIWAHnyceCMq6BwQ0b/ll0+wI1pd:AnE3hCItyceG9Qag+wIh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a9dad4792a270d2aa064086f8c3fadb8_JaffaCakes118

Files

a9dad4792a270d2aa064086f8c3fadb8_JaffaCakes118
.exe windows:1 windows x86 arch:x86

6fae03fc2460d7d8e7ad0410b4715f9c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
TerminateThread
IsDebuggerPresent
GetModuleFileNameA
GetComputerNameW
VirtualAlloc
SetEvent
SetPriorityClass
GlobalMemoryStatus
HeapSize
FindClose
GetStartupInfoA
HeapCreate
LocalFree
TlsAlloc
HeapAlloc
MulDiv
CreateEventW
WaitForMultipleObjects
WriteConsoleA
InterlockedDecrement
GetExitCodeThread
InitializeCriticalSection
GetStringTypeA
GetLocaleInfoA
FindResourceA
RtlUnwind
GetModuleHandleA
HeapFree
LockResource
FileTimeToSystemTime
UnmapViewOfFile
lstrcatA

msvcrt

_cgetws
_wperror
frexp
__setusermatherr
_wunlink
_ismbckata
_wutime64
_wtol
__getmainargs
wcsspn
_acmdln
__p__fmode
_wspawnv
_execve
memcpy
_spawnve
_XcptFilter
_controlfp
_lfind
_itoa
_initterm
__set_app_type
towupper
mbtowc
_adjust_fdiv
exit
fclose
_mbsninc
gets
_mbctohira
fopen
setvbuf
atan2
_wstrtime
_wfdopen
_exit
_wremove
_except_handler3
_dup
_wrename
iswgraph
vprintf
_execl
_ismbchira
iswprint
__p__commode
_dup2

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6fae03fc2460d7d8e7ad0410b4715f9c

Headers

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 15KB - Virtual size: 14KB

.rdata Size: 130KB - Virtual size: 129KB

.data Size: 512B - Virtual size: 120B

.rsrc Size: 512B - Virtual size: 160B

.text
Size: 15KB - Virtual size: 14KB

.rdata
Size: 130KB - Virtual size: 129KB

.data
Size: 512B - Virtual size: 120B

.rsrc
Size: 512B - Virtual size: 160B