d5053d2b6387251d7b4d147cd702015b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d5053d2b6387251d7b4d147cd702015b_JaffaCakes118
Size

990KB
MD5

d5053d2b6387251d7b4d147cd702015b
SHA1

dfa5968c631938170851e9cb4d1318c2be73fa22
SHA256

69c1f42d2f5c891888457290f0a5c8886ed7473e7b208f4116e89d4506682de7
SHA512

c6de7a383e851b6d1cc88386e57ad133906df04a4a96458c6c16cc6ac9e31f2a6ca6eec4a17feab4f2cfc89c803fa4da7e83ba40cd5baec324474226d31ba98c
SSDEEP

24576:J/lfyQyrWTcsLTAL5g4yQxmy5t7Ufma/jesV38B4:J/tErWosmy6t7UjesV3u4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5053d2b6387251d7b4d147cd702015b_JaffaCakes118

Files

d5053d2b6387251d7b4d147cd702015b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

87f82ac3c904d1f0b2ba18fbab405c97

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imagehlp

ImageGetDigestStream
ImageNtHeader
ImageRvaToVa
ImageDirectoryEntryToData

ole32

CLSIDFromString
CoCreateInstance
StringFromCLSID
StringFromIID
CoInitialize
CoTaskMemFree
CoUninitialize

msvfw32

ICGetInfo
ICRemove

msvcrt

__winitenv
strncmp
_vsnwprintf
_vsnprintf
atoi
_XcptFilter
_snprintf
memset
_itow
_cexit
wcsrchr
_purecall
_except_handler3
_onexit
__p__fmode
exit
_adjust_fdiv
__wgetmainargs
free
fputs
_iob
_wcslwr
_initterm
qsort
??1type_info@@UAE@XZ
wcsstr
?terminate@@YAXXZ
wcslen
_controlfp
??3@YAXPAX@Z
??2@YAPAXI@Z
_wcsicmp
realloc
__p__commode
__CxxFrameHandler
_itoa
iswspace
_CxxThrowException
__dllonexit
_exit
vwprintf
__set_app_type
__setusermatherr
_wcsnicmp
strchr
_snwprintf
_c_exit

kernel32

CopyFileW
GetFileAttributesW
GetThreadLocale
WideCharToMultiByte
InterlockedDecrement
GetOEMCP
GetFileInformationByHandle
LocalFree
DebugBreak
GetEnvironmentVariableA
EndUpdateResourceW
lstrcmpiA
RemoveDirectoryW
SetFilePointer
lstrlenW
FreeLibrary
lstrcpyA
FindClose
lstrlenA
FreeResource
IsDebuggerPresent
GlobalFree
GetFullPathNameW
CopyFileA
GetACP
ReadFile
LoadLibraryExA
RaiseException
RemoveDirectoryA
InterlockedCompareExchange
GetVersionExW
ExitProcess
GetVersion
GetFileAttributesA
CloseHandle
FindNextFileW
BeginUpdateResourceW
GetSystemDirectoryA
InterlockedExchange
UpdateResourceW
InterlockedIncrement
GetFullPathNameA
GetModuleHandleW
GlobalAlloc
OutputDebugStringA
LoadLibraryExW
GetLocaleInfoA

user32

CharNextW
wsprintfW
CharNextA

shell32

CommandLineToArgvW

Sections

.text
Size: 707KB - Virtual size: 706KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 251KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87f82ac3c904d1f0b2ba18fbab405c97

Headers

File Characteristics

Imports

imagehlp

ole32

msvfw32

msvcrt

kernel32

user32

shell32

Sections

.text Size: 707KB - Virtual size: 706KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 251KB - Virtual size: 251KB

.rsrc Size: 27KB - Virtual size: 3.2MB

.text
Size: 707KB - Virtual size: 706KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 251KB - Virtual size: 251KB

.rsrc
Size: 27KB - Virtual size: 3.2MB