da57de658436da45f6d73caa244b7c57_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

da57de658436da45f6d73caa244b7c57_JaffaCakes118
Size

144KB
MD5

da57de658436da45f6d73caa244b7c57
SHA1

817204b5c7b28e193a6351ee89b639db1cffe34e
SHA256

491cfaa3a56bf3001f9449dfff296e2eb3ae6ccda167e110a361c8b563e221df
SHA512

89a1a87690260795195a08f4fdb0ae13ec45e0cd22d3c1f726be580e129ff7bc7ad9f2b7066f66d92927a07eab50dd95cff7f9997d62c90c71cfaa4450c06b06
SSDEEP

3072:1rO1Z4CcWFfiPV9YLL49FzUmDkHonOME8TqihYPXw:1HC1SV9qL495U2kHCXE8Tn+w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da57de658436da45f6d73caa244b7c57_JaffaCakes118

Files

da57de658436da45f6d73caa244b7c57_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bcca17aac891d9cd17540a726b8f7a82

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClassNameA
SendMessageA
wsprintfA
IsCharAlphaNumericA

oleaut32

GetErrorInfo

msvcrt

__set_app_type
_except_handler3
??1type_info@@UAE@XZ
_controlfp
_strdup
__p__fmode
__p__commode
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
_CxxThrowException
toupper
_iob
fprintf
__CxxFrameHandler
_splitpath
??2@YAPAXI@Z
_vsnprintf
fseek
ftell
fread
strtoul
strchr
_strlwr
strrchr
fopen
fgets
fclose
system
mbstowcs
wcslen
wcscpy
atoi
_access
strcpy
memcmp
strcat
free
malloc
wcscat
strstr
strcmp
sscanf
memcpy
srand
strncpy
strtok
memset
rand
_snprintf
strlen
sprintf
strncat
_strcmpi
_adjust_fdiv

mpr

WNetAddConnection2A

rpcrt4

UuidFromStringA
UuidToStringA

kernel32

ExpandEnvironmentStringsA
lstrlenA
GetStartupInfoA
RemoveDirectoryA
FindFirstFileA
FindNextFileA
FindClose
GetWindowsDirectoryA
GetFileTime
SetFileTime
LocalAlloc
lstrcmpA
lstrcpynA
lstrcpyA
lstrcatA
GetCurrentThread
GetCurrentProcess
TerminateProcess
OpenProcess
GetProcAddress
LoadLibraryA
GetLocaleInfoA
GetSystemDirectoryA
GetDateFormatA
GetTimeFormatA
GlobalMemoryStatus
TerminateThread
GetLogicalDriveStringsA
GetDiskFreeSpaceExA
GetDriveTypeA
CreateProcessA
GetVersionExA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
WaitForSingleObject
GetTempPathA
MoveFileA
ExitProcess
WideCharToMultiByte
GetModuleHandleA
GetFileAttributesA
SetFileAttributesA
CopyFileA
DeleteFileA
CreateFileA
TransactNamedPipe
WriteFile
CloseHandle
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
ExitThread
GetModuleFileNameA
CreateThread
Sleep
lstrcmpiA
GetTickCount
ReleaseMutex
CreateMutexA
LocalFree

Sections

.text
Size: 71KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

iyph5hcc
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

g6p.au8n
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bcca17aac891d9cd17540a726b8f7a82

Headers

File Characteristics

Imports

user32

oleaut32

msvcrt

mpr

rpcrt4

kernel32

Sections

.text Size: 71KB - Virtual size: 72KB

.rdata Size: 4KB - Virtual size: 8KB

.data Size: 45KB - Virtual size: 404KB

iyph5hcc Size: 21KB - Virtual size: 24KB

g6p.au8n Size: 512B - Virtual size: 4KB

.text
Size: 71KB - Virtual size: 72KB

.rdata
Size: 4KB - Virtual size: 8KB

.data
Size: 45KB - Virtual size: 404KB

iyph5hcc
Size: 21KB - Virtual size: 24KB

g6p.au8n
Size: 512B - Virtual size: 4KB