bb343841ffd52a050b65346731291b83_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bb343841ffd52a050b65346731291b83_JaffaCakes118
Size

291KB
MD5

bb343841ffd52a050b65346731291b83
SHA1

bc520e2c3191b2d7f745c2c4bcb8860406702b1f
SHA256

18f99df3a5fab0019d37d517db825b0563c8a41672cb7a0301e136ba6f5d599e
SHA512

19eccce0001a3b03cce9622c12e2249f944f895be7858a83bab0d01873240dddbabe7872203777f61a4d5106f4f6285e4414d1308577fa1436ea1b5293768a07
SSDEEP

6144:Bs5YuvmS2y0dX34+t4tcyVOGZY9lIdPFqS0gVq:G5/MyUo+t4tx9oi9N0gVq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb343841ffd52a050b65346731291b83_JaffaCakes118

Files

bb343841ffd52a050b65346731291b83_JaffaCakes118
.exe windows:4 windows x86 arch:x86

845dbbefa6e86b61132468155feaaed9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

lstrcmp
lstrcpy
lstrlen
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualFree
VirtualAlloc
LocalFree
LocalAlloc
LoadLibraryA
GetVersion
GetCurrentThreadId
InterlockedDecrement
GetProcAddress
InterlockedIncrement
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
lstrcpynA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
VirtualProtect
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
WaitForSingleObject
Sleep
SizeofResource
SetThreadLocale
SetFilePointer
SetEvent
SetErrorMode
SetEndOfFile
ResetEvent
ReadFile
MulDiv
LockResource
LoadResource
GlobalUnlock
GlobalReAlloc
GlobalHandle
GlobalLock
GlobalFree
GlobalFindAtomA
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomA
GetTickCount
GetSystemInfo
GetStringTypeExA
GetProcAddress
GetModuleFileNameA
GetLocaleInfoA
GetLocalTime
GetLastError
GetFullPathNameA
GetDiskFreeSpaceA
GetDateFormatA
GetCurrentThreadId
GetCurrentProcessId
GetCPInfo
GetACP
FreeResource
InterlockedExchange
FormatMessageA
FindResourceA
EnumCalendarInfoA
CreateThread
CreateFileA
CreateEventA
CompareStringA
CloseHandle

Sections

CODE
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 229KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DELPHI
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

XXXXXX
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

845dbbefa6e86b61132468155feaaed9

Headers

File Characteristics

Imports

kernel32

Sections

CODE Size: 45KB - Virtual size: 45KB

DATA Size: 1024B - Virtual size: 552B

BSS Size: - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 2KB

.tls Size: - Virtual size: 8B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 3KB - Virtual size: 2KB

.rsrc Size: 229KB - Virtual size: 229KB

DELPHI Size: 4KB - Virtual size: 4KB

XXXXXX Size: 4KB - Virtual size: 4KB

CODE
Size: 45KB - Virtual size: 45KB

DATA
Size: 1024B - Virtual size: 552B

BSS
Size: - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 2KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 229KB - Virtual size: 229KB

DELPHI
Size: 4KB - Virtual size: 4KB

XXXXXX
Size: 4KB - Virtual size: 4KB