ac69b017cfcf1e8d53b6d9d9efa50adf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ac69b017cfcf1e8d53b6d9d9efa50adf_JaffaCakes118
Size

44KB
MD5

ac69b017cfcf1e8d53b6d9d9efa50adf
SHA1

6eb6ed6bba8c216c8dfc97ce4c172f4dacedcb59
SHA256

e9ac5251fc9bdbd908fb8fe80a89c9242d753322705ba933edc006d2431c7ac2
SHA512

aa83f0bd61f157a01476551ca40e9b913debadb888dd28d4ece8c6757fd3c0930b6cfa7b597771924759530ac584f8c3f8cef54ee08b60cf27fa832c32afcea6
SSDEEP

768:vzkVC+92PomGkP5tfi7L3bbgoESAGbEhu75hgmN7pzLHx1nD6NDLrPsb5IaBQ:bg1u5tfi7L38SA8umJpzltO9LT29Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac69b017cfcf1e8d53b6d9d9efa50adf_JaffaCakes118

Files

ac69b017cfcf1e8d53b6d9d9efa50adf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9f5f6c3738df70f9ed80740b7725c20c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc70

ord2352
ord3522
ord3523
ord3513
ord2461
ord3751
ord4262
ord4042
ord3140
ord512
ord698
ord546
ord705
ord1870
ord3831
ord3445
ord1081
ord1077
ord977
ord956
ord957
ord982
ord4958
ord3993
ord4671
ord1523
ord1522
ord1403
ord5666
ord1472
ord1469
ord3748
ord1272
ord4025
ord4933
ord1760
ord4854
ord5989
ord3966
ord4975
ord3208
ord4503
ord4063
ord1452
ord5714
ord812
ord817
ord821
ord819
ord823
ord2463
ord2223
ord2242
ord2237
ord2214
ord2216
ord2234
ord2026
ord2020
ord1377
ord5993
ord3610
ord5991
ord3152
ord4748
ord1234
ord4954
ord1814
ord1508
ord1507
ord1451
ord4972
ord2675
ord4267
ord4043
ord2990
ord300
ord2474
ord1267
ord4361
ord4530
ord650
ord447
ord3062
ord256
ord257
ord5103
ord5446
ord6011
ord4516
ord3890
ord5007
ord5005
ord2219
ord2229
ord2227
ord2225
ord2221
ord2244
ord2232
ord2359
ord2651
ord2529
ord4088
ord2648
ord2546
ord2356
ord5322
ord4985
ord5002
ord4349
ord3750
ord2096
ord4998
ord4996
ord2741
ord1770
ord3640
ord5152
ord5933
ord4883
ord899
ord3614
ord5339
ord1868
ord1913
ord4107
ord5990
ord3609
ord5992
ord3814
ord3832
ord3487
ord2239
ord4322
ord1097

msvcr70

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
_onexit
__dllonexit
_getcwd
memmove
_mbscmp
__CxxFrameHandler
_setmbcp
_except_handler3

kernel32

LockResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
LoadResource
FindResourceA
WideCharToMultiByte
FindClose
FindFirstFileA
FindNextFileA
DeleteFileA
GetModuleHandleA
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
SizeofResource

user32

LoadIconA
EnableWindow
GetSystemMetrics
GetClientRect
IsIconic
DrawIcon
SendMessageA

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

eefmnkm
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9f5f6c3738df70f9ed80740b7725c20c

Headers

File Characteristics

Imports

mfc70

msvcr70

kernel32

user32

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 260B

.rsrc Size: 29KB - Virtual size: 31KB

eefmnkm Size: - Virtual size: 4KB

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 260B

.rsrc
Size: 29KB - Virtual size: 31KB

eefmnkm
Size: - Virtual size: 4KB