Static task
static1
Behavioral task
behavioral1
Sample
bc491c00b6178a0e0afff412baa0e1bc_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
bc491c00b6178a0e0afff412baa0e1bc_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
bc491c00b6178a0e0afff412baa0e1bc_JaffaCakes118
-
Size
997KB
-
MD5
bc491c00b6178a0e0afff412baa0e1bc
-
SHA1
87b2314d8b71de8ab5e805e0dacc0224b6655c9a
-
SHA256
49d321e84524db90a3831fe9177acfaad666dc3ffc8c1a9b8db2e5c89efab63e
-
SHA512
ec2035e9a3b5ed30370cd864cf51bbac858a3c96d5c8109df1d1fe6ebf26b62b36987d3c466a69e7088cbfb2fbd7a24d1f7a98a7ea79c8e4dcdcb91287879583
-
SSDEEP
12288:/NDo2qhQOKH56xRBiiWaxClQKhPCsV5EpR/JTNrpbbiY+QwpuKXsbjO4jLwx:/poV+HH5yBAQFj7PRsGLjA
Malware Config
Signatures
-
Unsigned PE 1 IoCs
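Checks for a missing Authenticode signature. The resource listed below is an unsigned PE, so no code-signing certificate vouches for its publisher or integrity; on its own this is a weak indicator and should be weighed together with the other findings.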
resource bc491c00b6178a0e0afff412baa0e1bc_JaffaCakes118
Files
-
bc491c00b6178a0e0afff412baa0e1bc_JaffaCakes118.exe windows:5 windows x86 arch:x86
58ffb8d3613eeade85dcaa53f4323ea1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
CommandLineToArgvW
kernel32
SetFilePointer
GlobalFree
FreeLibrary
GetFileAttributesA
WideCharToMultiByte
GetVersionExW
RaiseException
InterlockedCompareExchange
GetVersion
ExitProcess
DebugBreak
InterlockedExchange
GetModuleHandleW
LoadLibraryExA
lstrcpyA
EndUpdateResourceW
GlobalAlloc
ReadFile
GetLocaleInfoA
BeginUpdateResourceW
GetThreadLocale
GetFullPathNameA
LoadLibraryExW
LocalFree
GetOEMCP
FindClose
InterlockedDecrement
CopyFileA
FreeResource
RemoveDirectoryW
lstrlenW
lstrlenA
GetFullPathNameW
CopyFileW
GetSystemDirectoryA
IsDebuggerPresent
FindNextFileW
UpdateResourceW
OutputDebugStringA
CloseHandle
GetACP
RemoveDirectoryA
GetFileInformationByHandle
lstrcmpiA
GetEnvironmentVariableA
GetFileAttributesW
InterlockedIncrement
ole32
CoInitialize
CoTaskMemFree
CLSIDFromString
CoCreateInstance
CoUninitialize
StringFromIID
StringFromCLSID
msvcrt
memset
_vsnprintf
_initterm
_CxxThrowException
iswspace
_except_handler3
__CxxFrameHandler
??1type_info@@UAE@XZ
__wgetmainargs
_XcptFilter
exit
qsort
__dllonexit
_itow
free
_iob
_cexit
_onexit
realloc
_itoa
__set_app_type
_wcslwr
strncmp
__p__fmode
?terminate@@YAXXZ
wcsrchr
_controlfp
vwprintf
_c_exit
__setusermatherr
_wcsnicmp
_snwprintf
_exit
??3@YAXPAX@Z
atoi
__winitenv
fputs
_adjust_fdiv
_purecall
wcslen
wcsstr
_snprintf
_vsnwprintf
strchr
_wcsicmp
__p__commode
??2@YAPAXI@Z
user32
CharNextA
CharNextW
wsprintfW
msvfw32
ICGetInfo
ICRemove
imagehlp
ImageNtHeader
ImageRvaToVa
ImageGetDigestStream
ImageDirectoryEntryToData
Sections
.text Size: 705KB - Virtual size: 704KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 251KB - Virtual size: 250KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 37KB - Virtual size: 3.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ