bc2f0fd6d5122117d91fa66ee13fb8f0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bc2f0fd6d5122117d91fa66ee13fb8f0_JaffaCakes118
Size

76KB
MD5

bc2f0fd6d5122117d91fa66ee13fb8f0
SHA1

39b03e4e1179d54623b0ec4a5cb26885899773a5
SHA256

0bbfa4a0be1c1009d406fa988adfce80627d9dac7b07f26b3492b69ef2725b1a
SHA512

70e183b710b6158ce2c6c7ab7d9ee7943970c066a41e2d476aba7083635a02f9b1b3165e15d259a58386193d25de173437eaf4c8a0dc152960c93fa331ddfceb
SSDEEP

1536:pmxeNWUaQWZzI3FJ0DvKjO00R2ejc9ODWUejbfflW1uTDC:sxeUUaQezIUWOdR25dfflWoTW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc2f0fd6d5122117d91fa66ee13fb8f0_JaffaCakes118

Files

bc2f0fd6d5122117d91fa66ee13fb8f0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0039574a01302abb8a78cf14133ccd7a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
LockResource
FindFirstFileA
GetCommandLineA
RegisterConsoleIME
GetStartupInfoA
FindClose
GetBinaryTypeA
GetVersionExA
GetProcAddress
FreeLibrary
_lclose
GetCurrentProcessId
GetSystemTimeAsFileTime
GetWindowsDirectoryA
GetSystemDirectoryA
GlobalAlloc
GetModuleHandleA
ExpandEnvironmentStringsA
GetPrivateProfileStringA
TerminateThread
LocalFileTimeToFileTime
SetEvent
ReadFile
WriteFile
CreateMutexA
IsDBCSLeadByte
GetModuleFileNameA
WaitForSingleObject
_llseek
GlobalUnlock
HeapFree
lstrcmpA
CreateProcessA
ExitThread
GetStringTypeA
FindNextFileA
GetCurrentThreadId
SetFileTime
GetOEMCP
CreateDirectoryA
FormatMessageA
GetSystemInfo
UnlockFile
GetTickCount
lstrcpynA
lstrcpyA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetExitCodeProcess
GetDriveTypeA
GetLocaleInfoW
GetTempPathA
GetTempFileNameA
GetCurrentProcess
WritePrivateProfileStringA
CreateEventA
GetDiskFreeSpaceA
GetFileAttributesA
DosDateTimeToFileTime
DeleteFileA
lstrlenA
GetShortPathNameA
GetPrivateProfileIntA
QueryPerformanceCounter
SetFilePointer
LoadLibraryExA
CreateFileA
_lopen
lstrcatA
CreateThread
MulDiv
EnumResourceLanguagesA
InvalidateConsoleDIBits
lstrcmpiA
ResetEvent
GlobalLock
RemoveDirectoryA

gdi32

GetTextMetricsA
SelectObject
SetTextColor

shlwapi

PathIsRootA
PathAddBackslashA
PathGetCharTypeA
PathRemoveBlanksA
SHDeleteKeyA

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug
Size: 60KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0039574a01302abb8a78cf14133ccd7a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

shlwapi

Sections

.text Size: 6KB - Virtual size: 6KB

.data Size: 6KB - Virtual size: 31KB

.rsrc Size: 2KB - Virtual size: 2KB

.debug Size: 60KB - Virtual size: 91KB

.text
Size: 6KB - Virtual size: 6KB

.data
Size: 6KB - Virtual size: 31KB

.rsrc
Size: 2KB - Virtual size: 2KB

.debug
Size: 60KB - Virtual size: 91KB