b2641fcbe2ee8c42acb4d6cd3b12eb12_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b2641fcbe2ee8c42acb4d6cd3b12eb12_JaffaCakes118
Size

79KB
MD5

b2641fcbe2ee8c42acb4d6cd3b12eb12
SHA1

ab5a9b0a184bf5c605a16181139817b8e74b1dcb
SHA256

5667dc72473edede54dd09eea79def7d42eea764e9fbf5533b5e024399705e44
SHA512

aac2c108b29bd1c9ea06ea3899fbe9247797717ee0519d63955340bb39aa9ff11713de81743cca7e988f063a0271277068422e5391a49c09d778e8da2d9df4af
SSDEEP

1536:Vd9Tn13im1LZV91Sxp7GsFRyiZ3QE+N3vh81XCCJ3eEtSa4IEtkxri9IR:Vd9TAm11xSxp5M3vhOPJ3eEtSvIEtkxh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b2641fcbe2ee8c42acb4d6cd3b12eb12_JaffaCakes118

Files

b2641fcbe2ee8c42acb4d6cd3b12eb12_JaffaCakes118
.exe windows:1 windows x86 arch:x86

80555e4541557b17014eac2060d1af9a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CloseHandle
WaitForSingleObject
CreateProcessA
GetCurrentProcessId
GetVersion
_llseek
_lread
FindFirstFileA
GetLastError
FindClose
GetSystemTime
CopyFileA
GetLocalTime
_lclose
GetCurrentDirectoryA
lstrcpyA
MoveFileA
FileTimeToDosDateTime
GetEnvironmentVariableA
FindNextFileA
CreateDirectoryA
ExitProcess
GetTickCount
_lcreat
WinExec
_lwrite
DeleteFileA
RemoveDirectoryA
_lopen
FileTimeToLocalFileTime
SetCurrentDirectoryA

salflibc

__SALFORD_MAP
__throw_temporary_ptr
__undefined_function
I4#WSF
OPEN##
XXRR##
WSF2#
RSU1##
WSF1##
EXIT1#
CH#WSF
CLOS##
__FTN95INIT1_
__CCOPY
XSUX#
R4#WSF
STOP#
RSORT#
__adjust_stack_f
GET_PROGRAM_NAME#
CURDIR#
COMMAND_ARGUMENT_COUNT
GET_COMMAND_ARGUMENT
DOSPARAM#
RSF1##
R4#RSF
CCOPY#
D8#WSF
BED#I
RTF#
COMMAND_LINE
MessageBoxA
GetModuleFileNameA
__Register_map_info
__stdin_address
strlwr
__stdout_address
_scc_lib_version
__stderr_address
__cout_address
__cin_address
__cerr_address
____console_stdin_address
____console_stdout_address
GetModuleHandleA
__initialise_sccdll
____console_stderr_address
mprintf0
__ctype_ptr_address
__vd_info_address
__special_flags_address
strcat
LibMain
__General_shared_address
__WindowsType_address
__init_WindowsType
exit
__initialise_cpplib
__salf_exception_handler
__errno_address
WinMain
strerror
__get_virtual_common_block
__clearwin
__Put_exception_title
GetWindow
__init_cpplib_info
LIBMAIN#
__get_main_arguments
sprintf
__Put_exception_message

user32

DispatchMessageA
KillTimer
PeekMessageA
SetTimer
TranslateMessage

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 116.9MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.comment
Size: 1KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.salfmap
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.salfdbg
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.salfsys
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.salfvc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80555e4541557b17014eac2060d1af9a

Headers

File Characteristics

Imports

kernel32

salflibc

user32

Sections

.text Size: 21KB - Virtual size: 21KB

.bss Size: - Virtual size: 116.9MB

.comment Size: 1KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 1KB

.rdata Size: 512B - Virtual size: 56B

.idata Size: 3KB - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 12B

.salfmap Size: 4KB - Virtual size: 3KB

.salfdbg Size: 17KB - Virtual size: 17KB

.salfsys Size: 512B - Virtual size: 24B

.salfvc Size: 512B - Virtual size: 44B

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 21KB - Virtual size: 21KB

.bss
Size: - Virtual size: 116.9MB

.comment
Size: 1KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 1KB

.rdata
Size: 512B - Virtual size: 56B

.idata
Size: 3KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 12B

.salfmap
Size: 4KB - Virtual size: 3KB

.salfdbg
Size: 17KB - Virtual size: 17KB

.salfsys
Size: 512B - Virtual size: 24B

.salfvc
Size: 512B - Virtual size: 44B

.reloc
Size: 3KB - Virtual size: 2KB