d146099082e91c6d8988d0dbc77370ef_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d146099082e91c6d8988d0dbc77370ef_JaffaCakes118
Size

55KB
MD5

d146099082e91c6d8988d0dbc77370ef
SHA1

86e16718f2387fb04c0f120f758148c9389354a2
SHA256

d9e6888ac46a8f76c41e2c4273c4c5146ee68b2af9fb7c57fa848b9dec637698
SHA512

3682b1f2bad7dac55824cd7ecd41cc38a4f25fa7dc1c6070486f43e53230baa5a0ce24eee37edfcdd77003b842096bc6f29a8aef09fcca66bc00e31faaa7a306
SSDEEP

1536:6gi82uCyykM7lhnaRnyPR2o4ZvTsnASDJlFzB:6gcuCkMHSnyPR2o4mAS9B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d146099082e91c6d8988d0dbc77370ef_JaffaCakes118

Files

d146099082e91c6d8988d0dbc77370ef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0a73d87ccf74e246891ef71e4ad2f25d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
lstrcpyA
GetModuleFileNameA
GetTempPathA
GetVolumeInformationA
GetDriveTypeA
GetLogicalDrives
DeleteFileA
SetFileAttributesA
MoveFileA
GetFileAttributesA
Sleep
CopyFileA
CreateDirectoryA
GetProcAddress
LoadLibraryA
GetLocalTime
lstrcmpA
FreeLibrary
WinExec
CloseHandle
WriteFile
GetLastError
MultiByteToWideChar
lstrlenA
InterlockedDecrement
CreateThread
GetWindowsDirectoryA
GetLogicalDriveStringsA
FindClose
FindNextFileA
FindFirstFileA
ExpandEnvironmentStringsA
Process32Next
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
GetModuleHandleA
OpenProcess
Module32Next
Module32First
LocalFree
CreateFileA

ole32

CLSIDFromProgID
CoUninitialize
CoInitialize
CLSIDFromString
OleRun
CoCreateInstance

oleaut32

SysAllocString
GetErrorInfo
SysFreeString
VariantClear

ws2_32

gethostbyname
gethostname
WSACleanup
WSAStartup

msvcrt

_controlfp
??1type_info@@UAE@XZ
_onexit
__dllonexit
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
sprintf
fopen
rand
srand
time
fclose
fputs
strncpy
??2@YAPAXI@Z
__CxxFrameHandler
??3@YAXPAX@Z
strcspn
strstr
realloc
malloc
_strcmpi
_CxxThrowException
_exit
_XcptFilter
exit
__p___initenv

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata0
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0a73d87ccf74e246891ef71e4ad2f25d

Headers

File Characteristics

Imports

kernel32

ole32

oleaut32

ws2_32

msvcrt

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 27KB - Virtual size: 28KB

.rdata0 Size: 10KB - Virtual size: 9KB

.reloc Size: 512B - Virtual size: 16B

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 27KB - Virtual size: 28KB

.rdata0
Size: 10KB - Virtual size: 9KB

.reloc
Size: 512B - Virtual size: 16B