b24fe9068a5c609d03de9b684268ffe1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b24fe9068a5c609d03de9b684268ffe1_JaffaCakes118
Size

985KB
MD5

b24fe9068a5c609d03de9b684268ffe1
SHA1

9f9606cbba99ed8180fab3d3ce4c9279894a3505
SHA256

822531291ee7d9515f0f6e943f5f43ba163de3eaae9244171d2458cd4e44aeda
SHA512

d3ed10e73c1bccb7634b1843b87a0f1f8c2e40fdebc5955395f23b202014fd187fce12e978a77a05c58147d8f823faedd1668b7f7ffd843f7a3ea51c14e70145
SSDEEP

24576:d8Fw5+BSxwzD5qARpNBNjRbTCHkt1FKr0o:5TAFqCldTCHkZJo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b24fe9068a5c609d03de9b684268ffe1_JaffaCakes118

Files

b24fe9068a5c609d03de9b684268ffe1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9bf6011341d1d2e4617be032adf948ab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_c_exit
_snwprintf
_purecall
wcsrchr
wcslen
_wcsnicmp
_iob
_onexit
__wgetmainargs
realloc
__winitenv
__dllonexit
??1type_info@@UAE@XZ
vwprintf
_wcsicmp
_itoa
_initterm
__setusermatherr
__CxxFrameHandler
_CxxThrowException
?terminate@@YAXXZ
strchr
_XcptFilter
wcsstr
_controlfp
_snprintf
_exit
_vsnwprintf
memset
qsort
__p__commode
_wcslwr
_adjust_fdiv
free
iswspace
atoi
??3@YAXPAX@Z
fputs
strncmp
__p__fmode
_itow
__set_app_type
_except_handler3
exit
_cexit
??2@YAPAXI@Z
_vsnprintf

kernel32

GetFullPathNameW
InterlockedIncrement
GetLocaleInfoA
GetModuleHandleW
FreeResource
GetSystemDirectoryA
GetOEMCP
OutputDebugStringA
GetFullPathNameA
RaiseException
LoadLibraryExW
lstrlenW
IsDebuggerPresent
FindNextFileW
GetFileAttributesA
WideCharToMultiByte
DebugBreak
lstrlenA
SetFilePointer
GetEnvironmentVariableA
LocalFree
InterlockedExchange
FreeLibrary
LoadLibraryExA
RemoveDirectoryW
BeginUpdateResourceW
lstrcpyA
FindClose
CopyFileW
GetVersionExW
ReadFile
EndUpdateResourceW
lstrcmpiA
GetFileInformationByHandle
RemoveDirectoryA
CopyFileA
CloseHandle
GlobalAlloc
GetVersion
ExitProcess
InterlockedDecrement
UpdateResourceW
GetThreadLocale
GetFileAttributesW
GlobalFree
GetACP
InterlockedCompareExchange

user32

CharNextA
wsprintfW
CharNextW

imagehlp

ImageNtHeader
ImageRvaToVa
ImageDirectoryEntryToData
ImageGetDigestStream

ole32

CoCreateInstance
CoInitialize
StringFromCLSID
CoUninitialize
CLSIDFromString
StringFromIID
CoTaskMemFree

msvfw32

ICGetInfo
ICRemove

shell32

CommandLineToArgvW

Sections

.text
Size: 708KB - Virtual size: 707KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9bf6011341d1d2e4617be032adf948ab

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

imagehlp

ole32

msvfw32

shell32

Sections

.text Size: 708KB - Virtual size: 707KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 252KB - Virtual size: 251KB

.rsrc Size: 21KB - Virtual size: 3.2MB

.text
Size: 708KB - Virtual size: 707KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 252KB - Virtual size: 251KB

.rsrc
Size: 21KB - Virtual size: 3.2MB