bb547a3715fad08e01ab7c1d7eacb64f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bb547a3715fad08e01ab7c1d7eacb64f_JaffaCakes118
Size

60KB
MD5

bb547a3715fad08e01ab7c1d7eacb64f
SHA1

c233a91e726455ba5a74c07d1015b452b7967aa5
SHA256

d800beb064b2b5b21a81de949d3f32a068c3b5217870789b053d66b36243e235
SHA512

f9a6e3a80bd566c93497b8a5a3e6a5668fee8ab667a4a4ca99866b8879148febbdd8a934a736632563ede96e9e409ee2f9c8c085470fda4a692038a4cca0f2ca
SSDEEP

768:HOSpAZkw5ewReAS4sIsttee+0dGqWTvBfnuAuwyBPFpU1tG:HObZkLrlyeBGqW9fuDwestG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb547a3715fad08e01ab7c1d7eacb64f_JaffaCakes118

Files

bb547a3715fad08e01ab7c1d7eacb64f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a4c3943dad80eabdacff5ca356841a38

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
CreateProcessA
DeleteFileA
Sleep
GetSystemTime
Process32Next
GetCurrentProcessId
OpenProcess
Process32First
CreateToolhelp32Snapshot
ExitProcess
GetWindowsDirectoryA
GetModuleFileNameA
CreateThread
CopyFileA
CreateDirectoryA
GetSystemDirectoryA
ResumeThread
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
lstrcatA
lstrcpyA
GetEnvironmentVariableA
GetShortPathNameA
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
MultiByteToWideChar
CreateFileA
FlushFileBuffers
SetStdHandle
SetEnvironmentVariableA
HeapReAlloc
GetTimeZoneInformation
GetLocalTime
GetCommandLineA
GetVersion
HeapFree
GetLastError
WriteFile
ReadFile
TerminateProcess
SetFilePointer
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleHandleA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
HeapAlloc
VirtualAlloc

user32

FindWindowExA
GetWindowTextA
wsprintfA

shell32

ShellExecuteA

winmm

timeGetTime

ws2_32

gethostname
WSAStartup
gethostbyname
inet_ntoa

rpcrt4

UuidCreateSequential

psapi

GetModuleFileNameExA

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a4c3943dad80eabdacff5ca356841a38

Headers

File Characteristics

Imports

kernel32

user32

shell32

winmm

ws2_32

rpcrt4

psapi

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 17KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 17KB