bb9617277a8833c9e1ad14a10df57925_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bb9617277a8833c9e1ad14a10df57925_JaffaCakes118
Size

121KB
MD5

bb9617277a8833c9e1ad14a10df57925
SHA1

734472d99bf99b912a0a9b7996baf3b7b0eba25d
SHA256

732e299bcd60b7e089e5fdc883fb6cba9a3841eba2e89dd7707910482c266c31
SHA512

b5507bcea41161341ec411431c6c51e950e3704173da9e3223afd30c1e3eb136a32001a1169b806630889b13e58e606fb25c8677b3ac3a9d29e3872b01d028c1
SSDEEP

768:uu+qmY2pNTDTkIhnkRMxWbaSdn2Xi+rCYZQ3OLvU33aa/LEcgQYzCO7UPqpsmj00:u8m5DDTEHdj+m/OL8jVQV7UPqLYCx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb9617277a8833c9e1ad14a10df57925_JaffaCakes118

Files

bb9617277a8833c9e1ad14a10df57925_JaffaCakes118
.exe windows:4 windows x86 arch:x86

da814faaf077a89718d11b3d94d49965

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

isprint
_adjust_fdiv
_except_handler3
fprintf
atol
strchr
_ltoa
_splitpath
_purecall
strncpy
memmove
_stricmp
_ftol
vprintf
malloc
_onexit
vsprintf
time
_snprintf
fclose
strpbrk
_strupr
_fullpath
_strnicmp
fflush
_vsnprintf
_itoa
_iob
strtok
strtoul
sprintf
_ultoa
free
toupper
rand
_initterm
_makepath
wcslen
fopen
__dllonexit
swprintf
printf

kernel32

TlsAlloc
SleepEx
UnhandledExceptionFilter
HeapDestroy
UnmapViewOfFile
ReadProcessMemory
FindNextFileA
ExpandEnvironmentStringsA
VirtualAlloc
InitializeCriticalSection
GetCurrentThreadId
WaitForSingleObject
CreateDirectoryA
CopyFileA
GetDiskFreeSpaceA
CreateSemaphoreA
GetLocalTime
ReleaseSemaphore
GetCurrentProcess
ResetEvent
SetThreadPriority
GetCurrentThread
FreeLibrary
GetCurrentProcessId
GetProcessHeap
DeleteFileA
CreateMutexA
LCMapStringW
WriteFile
OutputDebugStringA
GlobalMemoryStatus
InterlockedIncrement
Sleep
IsValidLocale
GetTickCount
GetOverlappedResult
DeleteCriticalSection
GetProcAddress
ReleaseMutex
lstrcpyA
CloseHandle
GetModuleHandleA
SetEvent
GetUserDefaultLangID
FindClose
WriteFileEx
GetFileSize
VirtualQuery
FindFirstFileA
GlobalAlloc
SetFilePointer
WaitForMultipleObjectsEx
lstrlenA
GetFileAttributesA
ReadFile
HeapAlloc
GlobalFree
QueryPerformanceFrequency
CreateThread
TlsSetValue
RemoveDirectoryA
CreateFileMappingA
HeapFree
VirtualFree
HeapCreate
GetModuleFileNameA
GetExitCodeThread
TlsGetValue
FlushFileBuffers
MoveFileA
SetEndOfFile
GetSystemInfo
GetDriveTypeA
TlsFree
CreateEventA
lstrcmpA
MapViewOfFile
GetLastError
EnterCriticalSection
LoadLibraryA
ReadFileEx
QueryPerformanceCounter
DebugBreak
GetSystemDefaultLangID
TerminateProcess
IsProcessorFeaturePresent
LeaveCriticalSection
GetVersionExA
WaitForSingleObjectEx
CreateFileA

lz32

LZClose

winmm

auxSetVolume

advapi32

RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
DeregisterEventSource
RegisterEventSourceA
RegCloseKey
ReportEventA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCreateKeyExA

Sections

.textbss
Size: 43KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 72KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

da814faaf077a89718d11b3d94d49965

Headers

File Characteristics

Imports

msvcrt

kernel32

lz32

winmm

advapi32

Sections

.textbss Size: 43KB - Virtual size: 1.3MB

.text Size: 512B - Virtual size: 420B

.idata Size: 4KB - Virtual size: 3KB

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 72KB - Virtual size: 140KB

.textbss
Size: 43KB - Virtual size: 1.3MB

.text
Size: 512B - Virtual size: 420B

.idata
Size: 4KB - Virtual size: 3KB

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 72KB - Virtual size: 140KB