d31ac6bdac94092131024238c992c12f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d31ac6bdac94092131024238c992c12f_JaffaCakes118
Size

1.1MB
MD5

d31ac6bdac94092131024238c992c12f
SHA1

8dfed4c57e254e9aa42fb160827258a81417d1e1
SHA256

0b02fa8011e45a4fcc31ee14be476ee95fbb53ee709123e5b85742b2aaf05cf7
SHA512

95076ead8ba6aa1eadd4c9734cf392d23a175f7634774986d674e5a1171510da203f055bd2f35f874308e7b2a0c0e2c1aa4c982979484438652e0e67dcc1ac6a
SSDEEP

24576:w/A/vtj7mLW4KNkjou+qc5RuHlr75Yp6U2VQwGTm1Zp3l:w/A/dm0P+c+HlrKgUxwQm1Zp3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d31ac6bdac94092131024238c992c12f_JaffaCakes118

Files

d31ac6bdac94092131024238c992c12f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8baa87a39addc61948fd0b51a691e512

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

daisy

createDevice

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?_Nomemory@std@@YAXXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

msvcr71

floor
_wtof
strftime
localtime
strchr
fread
strerror
ungetc
fopen
fclose
getc
_iob
realloc
free
fprintf
strstr
fputs
vsprintf
isspace
strtoul
strtod
strncat
strcspn
strncpy
_setjmp3
exit
longjmp
strcoll
_CIpow
iscntrl
localeconv
isalnum
isdigit
isalpha
fgets
_CIsinh
_CIcosh
_CItanh
_CIasin
_CIacos
ceil
_CIfmod
modf
frexp
ldexp
rand
_wtoi
_HUGE
tolower
toupper
isxdigit
isupper
ispunct
sprintf
memchr
strpbrk
system
remove
rename
tmpnam
getenv
clock
gmtime
mktime
difftime
setlocale
tmpfile
fscanf
clearerr
fwrite
ftell
fseek
setvbuf
fflush
strrchr
malloc
_callnewh
??1type_info@@UAE@XZ
__dllonexit
_onexit
__security_error_handler
_except_handler3
?terminate@@YAXXZ
_c_exit
_exit
_XcptFilter
_ismbblead
_cexit
_acmdln
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
time
_CxxThrowException
??0exception@@QAE@ABV0@@Z
??_V@YAXPAX@Z
_purecall
??3@YAXPAX@Z
__CxxFrameHandler
??0exception@@QAE@XZ
??1exception@@UAE@XZ
strtol
?vswprintf@@YAHPAGIPBGPAD@Z
_errno
islower
memmove
srand

kernel32

GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetModuleHandleA
ExitProcess
Sleep
CreateThread
WideCharToMultiByte
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
MultiByteToWideChar
GetCurrentProcessId

Sections

.text
Size: 552KB - Virtual size: 549KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PACK
Size: 144KB - Virtual size: 380KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8baa87a39addc61948fd0b51a691e512

Headers

File Characteristics

Imports

daisy

msvcp71

msvcr71

kernel32

Sections

.text Size: 552KB - Virtual size: 549KB

.rdata Size: 112KB - Virtual size: 111KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 280KB - Virtual size: 279KB

PACK Size: 144KB - Virtual size: 380KB

.text
Size: 552KB - Virtual size: 549KB

.rdata
Size: 112KB - Virtual size: 111KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 280KB - Virtual size: 279KB

PACK
Size: 144KB - Virtual size: 380KB