dc37749e2622b5a23aab7bf94407d3c3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dc37749e2622b5a23aab7bf94407d3c3_JaffaCakes118
Size

740KB
MD5

dc37749e2622b5a23aab7bf94407d3c3
SHA1

1168cad1d39f3ef7d54cb95a803df90deea698a1
SHA256

bdee9865d5b20100377b2084f487edaedbec55cc2de60892c90132f179db5b34
SHA512

1d8a0997b9a983065f1ac59066e3d49250b6fb1091668dbc1119ce6afbfdd014f312f886c27ddef824678ca71aa9cff17c0871f03f8a29730bd4b443becaaaed
SSDEEP

12288:iVGLXwTmLJgsoy7Z18prviMci/5+ELaT/zMAgNeRkqNF52T1sM5I3:AOJgsH6r3ci/5+ZEAgNe6x5p5I3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc37749e2622b5a23aab7bf94407d3c3_JaffaCakes118

Files

dc37749e2622b5a23aab7bf94407d3c3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c83f813464e4b4734ae65cef529b5df1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
GetFileVersionInfoSizeW

kernel32

GetTickCount
SetStdHandle
LCMapStringW
LCMapStringA
VirtualAlloc
GetVersion
GetTimeFormatA
HeapCreate
GlobalAlloc
GlobalUnlock
ExpandEnvironmentStringsA
GetTempFileNameA
GetVersionExW
CloseHandle
GetModuleFileNameW
GetStartupInfoA
CreateFileMappingW
EnumSystemLocalesA
GetSystemTime
GetStringTypeW
GetModuleFileNameA
CreateProcessW
GetFileTime
CompareStringA
GetTempPathW
GetCurrentProcessId
HeapSize
DeleteCriticalSection
CreateFileMappingA
GetConsoleMode
CreateThread
HeapDestroy
HeapAlloc
FormatMessageA
GetLocaleInfoA
CreateDirectoryA
GetACP
GlobalHandle
HeapFree
CreateProcessA
IsBadWritePtr
GetLocaleInfoW
CreateMutexW
CreateMutexA
GetCurrentDirectoryA
FindResourceExW
GetSystemInfo
GetCurrentThread
IsBadReadPtr
InterlockedExchange
GetModuleHandleA
ExitThread
GetShortPathNameW
CreateDirectoryW
GetSystemTimeAsFileTime
CreateFileW
GetFileSize
GetStdHandle
GetCurrentThreadId
FileTimeToLocalFileTime
GetThreadLocale
GetStringTypeA
GetTempPathA
FindResourceW
CompareStringW
FreeLibrary
GetStartupInfoW
InitializeCriticalSection
GetCPInfo
GetLastError
GetModuleHandleW
InterlockedIncrement
CreateFileA
CopyFileW
FindResourceA
GetProcessHeap
ExitProcess
CreateEventA
GetVersionExA
HeapReAlloc
GlobalLock
GetThreadTimes
CopyFileA
GetFileType
CreateEventW
InterlockedCompareExchange
IsBadStringPtrW
GetConsoleCP
GetTempFileNameW
GlobalFree
GetShortPathNameA
GetCurrentDirectoryW
GlobalReAlloc
InterlockedDecrement
GetLocalTime
LoadLibraryA
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
VirtualFree
RtlUnwind
WriteFile
GetOEMCP
GetProcAddress
FlushFileBuffers
SetFilePointer
MultiByteToWideChar

Sections

.text
Size: 152KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 576KB - Virtual size: 578KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c83f813464e4b4734ae65cef529b5df1

Headers

File Characteristics

Imports

version

kernel32

Sections

.text Size: 152KB - Virtual size: 149KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 576KB - Virtual size: 578KB

.text
Size: 152KB - Virtual size: 149KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 576KB - Virtual size: 578KB