bd7b8370608bb68761f13f62828d9e1f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bd7b8370608bb68761f13f62828d9e1f_JaffaCakes118
Size

216KB
MD5

bd7b8370608bb68761f13f62828d9e1f
SHA1

a49e8bead48080c532bd85d41d02a80e11d311a9
SHA256

92580823760b7e8ebf4df9fe0207fe16c87ec1610b5de15a78c3b038e3f7d933
SHA512

fe9729df347bef738b0ba63ca2ece895c5423d7e4b889a983ed4b407bbcd52fd30ab126e8c1324311197b8fda76f209ad41fe26a99f89655e313c408cec2e411
SSDEEP

6144:h9fCNSzEeKi141EgXqjyiYrSL0uTNUglDXB3:hMOEo+1JqjyiYrSL0uBb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd7b8370608bb68761f13f62828d9e1f_JaffaCakes118

Files

bd7b8370608bb68761f13f62828d9e1f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2ee8803bf952124f6b74e665317c8131

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
InterlockedDecrement
GetModuleHandleA
GetStartupInfoA

advapi32

CryptDestroyHash
CryptGetHashParam
CryptDestroyKey
CryptAcquireContextA
CryptReleaseContext
CryptSetKeyParam
CryptDecrypt
CryptDeriveKey
CryptHashData
CryptCreateHash

pk79

ord8535
ord6439
ord576
ord3695
ord1870
ord6436
ord10011
ord1844
ord6326
ord136
ord5645
ord3027
ord8453
ord4416
ord5917
ord9776
ord3717
ord2511
ord5592
ord9241
ord3428
ord9439
ord3321
ord7077
ord8029
ord3872
ord9572
ord4649
ord2138
ord482
ord10104
ord2947
ord395
ord9666
ord1333
ord3026
ord5981
ord955
ord6415
ord8205
ord332
ord2714
ord138
ord8854
ord5320
ord7154
ord7761
ord918
ord3426
ord7251
ord8136
ord8715
ord7416
ord5523
ord546
ord2636
ord981
ord8162
ord680
ord6576
ord4759
ord3734
ord5882
ord9581
ord6480
ord2170
ord8602
ord9377
ord5624
ord8017
ord7458
ord341
ord8466
ord9638
ord6209
ord83
ord6499
ord9626
ord734
ord740
ord2944
ord6161
ord9246
ord8850
ord2861
ord5700
ord8753
ord1111
ord7584
ord8733
ord7175
ord4908
ord8447
ord9118
ord4041
ord4052
ord2853
ord2950
ord7657
ord8876
ord1484
ord7226
ord5343
ord2531
ord6863
ord5319
ord1776
ord4569
ord8911
ord7259
ord7776
ord1270
ord5495
ord7696
ord439
ord9506
ord8561
ord9190
ord6245
ord1109
ord4425
ord584
ord435
ord2620
ord2404
ord4633
ord9220
ord7257
ord9370
ord5030
ord5632
ord1585
ord274
ord4232
ord9089
ord3726
ord421
ord8019
ord4424
ord7248
ord2033
ord9700
ord787
ord857
ord5012
ord4148
ord8968
ord873
ord896
ord2559
ord3565
ord6078
ord3062
ord3465
ord6204
ord6275
ord791
ord5047
ord2164
ord1756
ord4882
ord2983
ord3508
ord6075
ord3066
ord9427
ord9589
ord8716
ord4868
ord8667
ord8265
ord2476
ord781
ord7786
ord3150
ord2700
ord9072
ord8884
ord5674
ord892
ord783
ord4580
ord9237
ord4348
ord219
ord7873
ord4928
ord6332
ord4664
ord7938
ord8720
ord9579
ord1898
ord2642
ord1708
ord8653
ord2072
ord7043
ord2266
ord4256
ord2195
ord5656
ord7466
ord7563
ord1575
ord6127
ord8750
ord2858
ord10072
ord7171
ord9804
ord5364
ord5338
ord1679
ord9599
ord2224
ord6692
ord7955
ord1404
ord8420
ord447
ord9447
ord4604
ord8013
ord4133
ord8119
ord9992
ord3161
ord4796
ord9456
ord4887
ord1872
ord2133
ord681
ord3173
ord2499
ord8616
ord1883
ord2523
ord8627
ord5956
ord3396
ord6375
ord5784
ord7017
ord4587

msvcr71

_controlfp
__dllonexit
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
??1type_info@@UAE@XZ
_except_handler3
?terminate@@YAXXZ
_wcsupr
fopen
memcmp
__CxxLongjmpUnwind
_setjmp3
_CxxThrowException
memset
memcpy
??2@YAPAXI@Z
_purecall
strlen
__CxxFrameHandler
??3@YAXPAX@Z
_onexit

Sections

.text
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

CONST
Size: 4KB - Virtual size: 762B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

xdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_DATA
Size: 4KB - Virtual size: 561B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ee8803bf952124f6b74e665317c8131

Headers

File Characteristics

Imports

kernel32

advapi32

pk79

msvcr71

Sections

.text Size: 96KB - Virtual size: 92KB

CONST Size: 4KB - Virtual size: 762B

_TEXT Size: 44KB - Virtual size: 40KB

xdata Size: 4KB - Virtual size: 2KB

text Size: 4KB - Virtual size: 1KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 4KB - Virtual size: 336B

_DATA Size: 4KB - Virtual size: 561B

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 96KB - Virtual size: 92KB

CONST
Size: 4KB - Virtual size: 762B

_TEXT
Size: 44KB - Virtual size: 40KB

xdata
Size: 4KB - Virtual size: 2KB

text
Size: 4KB - Virtual size: 1KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 4KB - Virtual size: 336B

_DATA
Size: 4KB - Virtual size: 561B

.rsrc
Size: 28KB - Virtual size: 27KB