bc6b35983d37b28df3d09e62632e9349_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

bc6b35983d37b28df3d09e62632e9349_JaffaCakes118
Size

110KB
MD5

bc6b35983d37b28df3d09e62632e9349
SHA1

a356ee1e8cf2cc4b9c42f4626182b19bdda78b3d
SHA256

cdac3502aa0ccf2343921aa236e6c89e39b86d97846fd14856780ccc6d31ef9c
SHA512

466b57dc8f0134f886220d6d08aaff5904981742af9084b9168544da3afbe5ddd3654394a4daf961bd9758b0bc641cbb2f27cd91e3f05a4c457e83a77ef1a580
SSDEEP

3072:Rivs/+JXqyZDITasBiuUO+XKltvETOgE+VU6PSKRYxD:0hOXvYOgJVhPS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc6b35983d37b28df3d09e62632e9349_JaffaCakes118

Files

bc6b35983d37b28df3d09e62632e9349_JaffaCakes118
.exe windows:1 windows x86 arch:x86

350103c36c10a70bb5d6d0d1927ff576

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetCurrentThreadId
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualFree
VirtualAlloc
LocalFree
LocalAlloc
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
lstrcpynA
lstrcpyA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
WriteFile
UnhandledExceptionFilter
SetFilePointer
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
GetStdHandle
GetFileSize
GetFileType
CreateFileA
CloseHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleA
GetModuleFileNameA
WriteFile
WaitForSingleObject
WaitForDebugEvent
VirtualQuery
TerminateProcess
SetFilePointer
SetEndOfFile
ReadProcessMemory
ReadFile
LeaveCriticalSection
InitializeCriticalSection
GlobalUnlock
GlobalReAlloc
GlobalHandle
GlobalLock
GlobalFree
GlobalAlloc
GetVersionExA
GetThreadLocale
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetFileSize
GetFileAttributesA
GetDiskFreeSpaceA
GetCurrentThreadId
GetCPInfo
FormatMessageA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
FileTimeToDosDateTime
EnumCalendarInfoA
EnterCriticalSection
DeleteCriticalSection
CreateProcessA
CreateFileA
CreateEventA
CreateDirectoryA
ContinueDebugEvent
CompareStringA
CloseHandle

user32

GetKeyboardType
LoadStringA
MessageBoxA
CharNextA
MessageBoxA
LoadStringA
GetSystemMetrics
DestroyWindow

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

oleaut32

VariantChangeTypeEx
VariantCopyInd
VariantClear
SysStringLen
SysFreeString
SysReAllocStringLen
SysAllocStringLen

Sections

.text
Size: 94KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pseudo
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

350103c36c10a70bb5d6d0d1927ff576

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

Sections

.text Size: 94KB - Virtual size: 96KB

.data Size: 1KB - Virtual size: 4KB

Size: - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

Size: - Virtual size: 4KB

Size: - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 8KB

.rsrc Size: 5KB - Virtual size: 8KB

.pseudo Size: 5KB - Virtual size: 8KB

.text
Size: 94KB - Virtual size: 96KB

.data
Size: 1KB - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 8KB

.rsrc
Size: 5KB - Virtual size: 8KB

.pseudo
Size: 5KB - Virtual size: 8KB