bd3cafea6da015bfbfe46a0169387285_JaffaCakes118

General

Target

bd3cafea6da015bfbfe46a0169387285_JaffaCakes118
Size

26KB
MD5

bd3cafea6da015bfbfe46a0169387285
SHA1

cabdfd076e8408646f3de43a08ed415be220b9a1
SHA256

17ec7df57f109128de7a1f812460a0a4ccc2e64103482143a0c8911c6efa6870
SHA512

e5f9268936e11534cf16f29e183ee6e224c6d99385386cdc05a2219631b32794e18047b1fd19fb37275697c8d51bc5bf342e8570c0bc3ac6739269d1dd5727da
SSDEEP

768:YhJKzLNf86mLX268Nypv//d7OAceXj+dL:CozLNfIa9NyJ8Ace

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd3cafea6da015bfbfe46a0169387285_JaffaCakes118

Files

bd3cafea6da015bfbfe46a0169387285_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9ec182a79e2a3a075136afaf774df2ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
GetLastError
FreeLibrary
GetProcAddress
LoadLibraryA
Process32Next
Process32First
CreateToolhelp32Snapshot
OpenProcess
TerminateProcess
DeleteCriticalSection
GetTickCount
InitializeCriticalSection
GetSystemTime
DeleteFileA
GetTempPathA
GetSystemDirectoryA
GetWindowsDirectoryA
GetComputerNameA
ReadFile
GetFileSize
TerminateThread
WaitForSingleObject
CreateThread
LeaveCriticalSection
EnterCriticalSection
WinExec
CreateFileA
WriteFile
Sleep
CloseHandle
GetStartupInfoA
GetModuleHandleA

advapi32

GetTokenInformation
LookupAccountSidA
OpenProcessToken

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

SysAllocString
VariantClear
SysFreeString
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
VariantInit

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA
DeleteUrlCacheEntry

msvcrt

_stricmp
_controlfp
_strnicmp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
rand
srand
sprintf
??3@YAXPAX@Z
??2@YAPAXI@Z
free
__CxxFrameHandler
malloc
_exit
_XcptFilter

ws2_32

WSAStartup
WSACleanup

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9ec182a79e2a3a075136afaf774df2ac

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

oleaut32

wininet

msvcrt

ws2_32

Sections

.text Size: 21KB - Virtual size: 21KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 74KB

.text
Size: 21KB - Virtual size: 21KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 74KB