b42d56e391efcf410b889fe9d5bd9bb8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b42d56e391efcf410b889fe9d5bd9bb8_JaffaCakes118
Size

969KB
MD5

b42d56e391efcf410b889fe9d5bd9bb8
SHA1

69f9265f88a54169c993e0537b4c9d5b26c7507d
SHA256

70f7690063fe2e2dd09c6014ec3a0579eebdc16dd4a33bf67b1fbabda98ffbae
SHA512

20c185538924dde4b5a877df800c188bd9357526c088a10af43ef5db50d680b557c5fd24dcb2a0552ae173a9827e2f5de2d1108a06b8022e345cf214aec45646
SSDEEP

24576:aE/HutfwiR+W0Ui9TWluSupAm55ELeMAYNEt:5OtoH6iAluXpOSto

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b42d56e391efcf410b889fe9d5bd9bb8_JaffaCakes118

Files

b42d56e391efcf410b889fe9d5bd9bb8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2e54f11caae3dce62ad71c1f47304d30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imagehlp

ImageNtHeader
ImageGetDigestStream
ImageRvaToVa
ImageDirectoryEntryToData

msvcrt

_CxxThrowException
__p__commode
_except_handler3
_wcslwr
_vsnwprintf
realloc
_initterm
qsort
exit
fputs
free
_wcsnicmp
wcsstr
iswspace
__CxxFrameHandler
??1type_info@@UAE@XZ
_adjust_fdiv
memset
wcslen
atoi
strchr
_snwprintf
_itow
__dllonexit
_snprintf
_purecall
vwprintf
_XcptFilter
__winitenv
__set_app_type
_exit
strncmp
_onexit
_wcsicmp
??3@YAXPAX@Z
??2@YAPAXI@Z
_controlfp
wcsrchr
__p__fmode
?terminate@@YAXXZ
_c_exit
__wgetmainargs
_cexit
_itoa
_vsnprintf
_iob
__setusermatherr

msvfw32

ICGetInfo
ICRemove

kernel32

RemoveDirectoryA
GetLocaleInfoA
EndUpdateResourceW
FindClose
GetEnvironmentVariableA
InterlockedDecrement
GetModuleHandleW
OutputDebugStringA
CopyFileW
GlobalFree
CloseHandle
lstrcmpiA
GetOEMCP
GetThreadLocale
ReadFile
InterlockedExchange
LoadLibraryExW
GlobalAlloc
lstrlenW
FreeResource
InterlockedCompareExchange
RaiseException
GetFullPathNameA
LocalFree
GetVersion
GetFullPathNameW
GetACP
CopyFileA
SetFilePointer
GetFileAttributesW
ExitProcess
FreeLibrary
BeginUpdateResourceW
DebugBreak
GetFileAttributesA
WideCharToMultiByte
InterlockedIncrement
LoadLibraryExA
GetVersionExW
IsDebuggerPresent
GetFileInformationByHandle
FindNextFileW
UpdateResourceW
RemoveDirectoryW
GetSystemDirectoryA
lstrcpyA
lstrlenA

shell32

CommandLineToArgvW

user32

CharNextW
wsprintfW
CharNextA

ole32

CoUninitialize
StringFromIID
CLSIDFromString
CoTaskMemFree
CoInitialize
StringFromCLSID
CoCreateInstance

Sections

.text
Size: 706KB - Virtual size: 706KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 251KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e54f11caae3dce62ad71c1f47304d30

Headers

File Characteristics

Imports

imagehlp

msvcrt

msvfw32

kernel32

shell32

user32

ole32

Sections

.text Size: 706KB - Virtual size: 706KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 251KB - Virtual size: 251KB

.rsrc Size: 7KB - Virtual size: 3.2MB

.text
Size: 706KB - Virtual size: 706KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 251KB - Virtual size: 251KB

.rsrc
Size: 7KB - Virtual size: 3.2MB