daa04b5ac3a345a3675b543e82fa58bf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

daa04b5ac3a345a3675b543e82fa58bf_JaffaCakes118
Size

1.3MB
MD5

daa04b5ac3a345a3675b543e82fa58bf
SHA1

624a343ec9183f839057e5a57906015a66281c31
SHA256

dd87c7715454cc7083d598f94672dd2cee1baf627367bc0648f97e8059bae027
SHA512

dfa2970e10386a35f0ec6230452e82500843853df30f02bd8b67696acdf9917fea118ae11ead57df296173df33bae32fbf0308e9de0df2308d164621110cb2e4
SSDEEP

24576:0ZWudA5vBB21GqepnvLDGZ0bziGaHzZIEypUTwJTjzDTKaV:0pW5vB412ne0bzidzZFy0ATjzDTKaV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
daa04b5ac3a345a3675b543e82fa58bf_JaffaCakes118

Files

daa04b5ac3a345a3675b543e82fa58bf_JaffaCakes118
.exe windows:6 windows x86 arch:x86

e745c998cd1752ece932edc569c9b2ac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

zlib1

inflateInit_
inflateEnd
inflate

msvcr110

strtok_s
sscanf
_snprintf
_mbsrchr
_stat64i32
??_V@YAXPAX@Z
??_U@YAPAXI@Z
fflush
strtol
isspace
_wfopen
strerror
_time64
__RTDynamicCast
qsort
ceil
exit
realloc
getenv
fgetc
ungetc
memset
fread
fseek
ftell
strchr
isalpha
isxdigit
strcspn
_hypot
_libm_sse2_pow_precise
_libm_sse2_sqrt_precise
_CIatan2
_libm_sse2_cos_precise
_libm_sse2_sin_precise
longjmp
strstr
atof
_setmode
_libm_sse2_acos_precise
_libm_sse2_asin_precise
isalnum
_libm_sse2_log10_precise
_libm_sse2_log_precise
strftime
_gmtime64
_vsnprintf
remove
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
??1type_info@@UAE@XZ
_XcptFilter
_amsg_exit
__getmainargs
__set_app_type
_exit
_cexit
_configthreadlocale
__setusermatherr
_initterm_e
_initterm
__initenv
_fmode
_commode
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_except_handler4_common
?terminate@@YAXXZ
__crtSetUnhandledExceptionFilter
_invoke_watson
_controlfp_s
floor
sprintf
strncmp
malloc
free
strtod
_errno
localeconv
printf
memcpy
__CxxFrameHandler3
_CxxThrowException
memmove
memchr
abort
fwrite
fputs
fopen
fclose
??3@YAXPAX@Z
??2@YAPAXI@Z
_purecall
isdigit
atoi
strncpy
fprintf
_stricmp
__iob_func
_strdup
_fileno
_setjmp3
strtok

msvcp110

?_Syserror_map@std@@YAPBDH@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
?_Winerror_map@std@@YAPBDH@Z

kernel32

GetSystemTimeAsFileTime
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer
QueryPerformanceFrequency
QueryPerformanceCounter
GetCurrentThreadId
GetFullPathNameA
GetFileAttributesA
FindNextFileA
FindFirstFileA
FindClose
GetModuleFileNameA
GetVersionExA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetTickCount64

Sections

.text
Size: 747KB - Virtual size: 746KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 301KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e745c998cd1752ece932edc569c9b2ac

Headers

DLL Characteristics

File Characteristics

Imports

zlib1

msvcr110

msvcp110

kernel32

Sections

.text Size: 747KB - Virtual size: 746KB

.rdata Size: 301KB - Virtual size: 300KB

.data Size: 157KB - Virtual size: 158KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 116KB - Virtual size: 115KB

.text
Size: 747KB - Virtual size: 746KB

.rdata
Size: 301KB - Virtual size: 300KB

.data
Size: 157KB - Virtual size: 158KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 116KB - Virtual size: 115KB