ba2b002fad4b5458c01630b071b465a3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ba2b002fad4b5458c01630b071b465a3_JaffaCakes118
Size

192KB
MD5

ba2b002fad4b5458c01630b071b465a3
SHA1

d834c48e389d71950fde1945829555278f05b4c6
SHA256

5792aab046ad6cb8a19f166ab8c897a238dbc80bb91a8e7e85fa4337c5657efd
SHA512

bec303d68c965ae0a0832590f0113a8efd89825fa0fcceb23e41be1bcbd9fdbda91efdf697886151bb88c56e8a24f8749e13e6bb9f944d50ae6472f0a00e4819
SSDEEP

3072:95qnjNAyKcvVJrCEDdr6zttMq1M+Bwq2xGuJVyuKKIabU0+SCkkG/ssoCBNmuAUn:95qFKcvVJdDVeUW/+GuLyVxz0+xkkF1M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba2b002fad4b5458c01630b071b465a3_JaffaCakes118

Files

ba2b002fad4b5458c01630b071b465a3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

10543533a3944e5f241dd6343392b854

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

imagehlp

ImageRvaToVa
ImageGetDigestStream
ImageNtHeader
ImageDirectoryEntryToData

shell32

CommandLineToArgvW

kernel32

CreateFiberEx
_llseek
GetFileInformationByHandle
GetTempFileNameW
FreeResource
SizeofResource
FindResourceExW
GetFileAttributesW
GetProcessHeap
SetEndOfFile
GetProcAddress
GetCommandLineW
OutputDebugStringA
LoadLibraryExA
LoadLibraryExW
_lclose
GetFileSize
GetTickCount
CreateFileW
_lread
FindFirstFileA
InterlockedExchange
DeleteFileA
UnhandledExceptionFilter
RemoveDirectoryW
LoadLibraryA
GetStringTypeExW
QueryPerformanceCounter
GetSystemDirectoryA
FormatMessageW
InterlockedCompareExchange
_lwrite
GetOEMCP
GlobalFree
IsDebuggerPresent
FindResourceW
FreeLibrary
LoadResource
MoveFileW
GetCurrentProcessId
SetFileAttributesA
EscapeCommFunction
SetFileAttributesW
SetFilePointer
SetUnhandledExceptionFilter
EnumResourceTypesW
UpdateResourceW
GetSystemTimeAsFileTime
GetThreadLocale
DeleteFileW
InterlockedDecrement
GetCurrentProcess
EndUpdateResourceW
GlobalUnlock
UnmapViewOfFile
EnumResourceNamesA
GetCurrentThreadId
GetCurrentDirectoryW
TerminateProcess
HeapReAlloc
GlobalAlloc
CreateFileMappingA
SetLastError
FindClose
ReadFile
GetEnvironmentVariableA
GetVersionExW
GetFullPathNameA
CopyFileA
RemoveDirectoryA
HeapAlloc
lstrlenA
GlobalLock
GetLocaleInfoA
CreateDirectoryA
RaiseException
WideCharToMultiByte
EnterCriticalSection
EnumResourceNamesW
FatalExit
CreateFileA
AreFileApisANSI
GetLastError
DeleteCriticalSection
LockResource
GetFileAttributesA
EnumResourceLanguagesW
MultiByteToWideChar
lstrlenW
FindNextFileW
LeaveCriticalSection
CreateDirectoryW
BeginUpdateResourceW
DebugBreak
GetTempPathW
HeapFree
HeapDestroy
Sleep
CloseHandle
GetVersionExA
WriteFile
ExitProcess
GetACP
CopyFileW
InitializeCriticalSection
GetFullPathNameW
MapViewOfFile
InterlockedIncrement
GetVersion
FindNextFileA
HeapSize
LocalFree
GetModuleHandleW
lstrcmpiA
FindFirstFileW
lstrcpyA

user32

CharNextA
MonitorFromWindow
wsprintfW
CharNextW

advapi32

CryptHashData
CryptAcquireContextA
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptDestroyHash

psapi

GetProcessMemoryInfo

msvfw32

ICInfo

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10543533a3944e5f241dd6343392b854

Headers

File Characteristics

Imports

imagehlp

shell32

kernel32

user32

advapi32

psapi

msvfw32

Sections

.text Size: 164KB - Virtual size: 164KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 22KB - Virtual size: 21KB

.lib Size: 512B - Virtual size: 220KB

.text
Size: 164KB - Virtual size: 164KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 22KB - Virtual size: 21KB

.lib
Size: 512B - Virtual size: 220KB