b335007726c8ae93da8debb58efe0be3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b335007726c8ae93da8debb58efe0be3_JaffaCakes118
Size

604KB
MD5

b335007726c8ae93da8debb58efe0be3
SHA1

19d19b9e2b465b126368ae9f3c50336a9cb55dff
SHA256

07d43f831c05a8dec3f3b6d2eed3fc7a1858297dbe4fd616db890a3fa87be2de
SHA512

60c63c564f611af1ed0ac3693b3b6e8eb588ef9972e2778ea39ca9bed87fdfcc659a3f044d40013b3be9a50f4c11b04af3326535309ccf6a2ce8d02f1d57b4c3
SSDEEP

12288:/6T0tb6nu7gMgeG8tjkBiLgNxfcZ0Tf1BFDiA6u0ri8mViJYMsEf:hMn8ZgeDjkBiMzr1BBivu0rXcim+f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b335007726c8ae93da8debb58efe0be3_JaffaCakes118

Files

b335007726c8ae93da8debb58efe0be3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

853d7a9e8d5843a729b5429a5fd37648

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddAtomA
CallNamedPipeA
CompareStringW
CreateMutexA
DeleteCriticalSection
EnterCriticalSection
EnumResourceTypesA
ExitProcess
FindAtomA
FindResourceA
FreeLibrary
GetAtomNameA
GetBinaryTypeW
GetCommandLineA
GetCurrencyFormatA
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetTickCount
InitAtomTable
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LoadResource
LocalSize
OpenMutexA
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_assert
_cexit
_iob
_onexit
_setmode
_winmajor
abort
atexit
calloc
free
fwrite
malloc
memcpy
memset
rand
realloc
signal
srand
vfprintf

user32

CreateWindowExA

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 564B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 396B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 592KB - Virtual size: 591KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

853d7a9e8d5843a729b5429a5fd37648

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

Sections

.text Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 44B

.rdata Size: 1024B - Virtual size: 564B

.bss Size: - Virtual size: 396B

.idata Size: 2KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 24B

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 592KB - Virtual size: 591KB

.text
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 44B

.rdata
Size: 1024B - Virtual size: 564B

.bss
Size: - Virtual size: 396B

.idata
Size: 2KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 592KB - Virtual size: 591KB