cf944716780bfe794340af0582a48f8c_JaffaCakes118

General

Target

cf944716780bfe794340af0582a48f8c_JaffaCakes118
Size

143KB
MD5

cf944716780bfe794340af0582a48f8c
SHA1

a1320695a0348f1013386835dbd6ebb1583efebc
SHA256

90eb7ea6a8e2a28144fc1f392268a63c243125d83209e2d07bf4efee7981e668
SHA512

9a16392de368f15b4b600336ca052d85cd6670e020c5266a4f95605820602c3462e61231a1f80293e5c2586155c0e50ef1f8832dd11accc1f0b6f268eafcc6e0
SSDEEP

1536:Yvv4lK/lMmExmipmkF1gSaWWNkRD7JbqRqGN6Pp7sPlaxK5Gb+kv4ds4nXd1Hdv6:1ySxlwS5WNOc6ta15zkv587H5c+YMlY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf944716780bfe794340af0582a48f8c_JaffaCakes118

Files

cf944716780bfe794340af0582a48f8c_JaffaCakes118
.exe windows:1 windows x86 arch:x86

a1bda55ea7f71557942d74a12928eef5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
CreateThread
GetVersionExA
GetEnvironmentVariableA
MulDiv
IsDebuggerPresent
SetLastError
RaiseException
GetConsoleCP
WaitForSingleObject
MultiByteToWideChar
InitializeCriticalSection
UnhandledExceptionFilter
GetStartupInfoA
GlobalAddAtomA
GetProcAddress
GetTickCount
GetModuleHandleA
GetVersion
lstrcpyA
CreateEventW
GetFileType
TlsAlloc
ResetEvent
SetEvent
TlsGetValue
HeapFree
GetSystemInfo
GetFileAttributesA
PulseEvent
QueryPerformanceFrequency
lstrcatA
FileTimeToSystemTime
GetConsoleMode
GetLocaleInfoA
QueryPerformanceCounter
GetCurrentThreadId
HeapAlloc
GlobalAlloc
LeaveCriticalSection
LockResource
HeapCreate
TlsSetValue

msvcrt

longjmp
_initterm
_vscprintf
exit
_dup
_ui64toa
_controlfp
_wunlink
_ismbclegal
_acmdln
_except_handler3
fsetpos
_waccess
__getmainargs
sinh
ftell
_adjust_fdiv
_mbsicoll
vfwprintf
_heapmin
_wtmpnam
iswpunct
wcsspn
_fpreset
__setusermatherr
_XcptFilter
_mbsbtype
_wtoi64
memcpy
_creat
wcsftime
_exit
__p__fmode
memset
_outp
_cscanf
_longjmpex
strspn
setvbuf
_mbsstr
_heapadd
__p__commode
_chgsign
_wutime64
signal
_cgetws
_mbsdup
_sleep
__set_app_type

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 142B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1bda55ea7f71557942d74a12928eef5

Headers

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 129KB - Virtual size: 129KB

.data Size: 512B - Virtual size: 142B

.rsrc Size: 512B - Virtual size: 124B

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 129KB - Virtual size: 129KB

.data
Size: 512B - Virtual size: 142B

.rsrc
Size: 512B - Virtual size: 124B