dcf3d84f789f62ca63f68bc037cc160c_JaffaCakes118

General

Target

dcf3d84f789f62ca63f68bc037cc160c_JaffaCakes118
Size

64KB
MD5

dcf3d84f789f62ca63f68bc037cc160c
SHA1

7b76487e2f21410200c6f29e6ae7efddc229a889
SHA256

e3cd1acbb6c5422d04442a1e463c40175ecb9a27e8a4a99ce1a93522f3f6bd9d
SHA512

da3a44f4f5f159922dc89fe782c8405f27b5b9a01c7f71deebbf5340975669750cdb3b8cf368db0dd2fee4d0b67718e1bdc1900c82dbccd188531ce82a80cba2
SSDEEP

1536:yErzmyDDPfCrg3POcd5BmLM9VLJor7rApFBuZzRtwg0sh:ywyyDDXt3POcULMfLJ8Y/BYz8g0s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dcf3d84f789f62ca63f68bc037cc160c_JaffaCakes118

Files

dcf3d84f789f62ca63f68bc037cc160c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bf53dd02006652f4b7becc5d00c9d419

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetCommandLineW
GetSystemTimeAsFileTime
SetSystemPowerState
GetCPInfo
FormatMessageW
GetCurrentThread
GetVersionExW
TerminateProcess
CreatePipe
PeekNamedPipe
GetExitCodeProcess
GetEnvironmentVariableW
WinExec
SetUnhandledExceptionFilter
SetErrorMode
DuplicateHandle
GetModuleFileNameA
OpenMutexA
CreateMutexW
CreateMutexA
FlushFileBuffers
CreateEventW
GetTempFileNameA
GetVersion
LocalAlloc
LocalFree
FreeLibrary
LoadLibraryW
ExitProcess
GetCurrentProcessId
GetFileTime
GetModuleFileNameW
WideCharToMultiByte
RemoveDirectoryW
MoveFileW
FindNextFileW
FindFirstFileW
TlsSetValue
TlsAlloc
GetModuleHandleA
GetCurrentThreadId
GetCommandLineA
GetProfileStringW

msvcr71

atoi
memmove
time
strncmp
fclose
fread
fseek
fopen
_c_exit
_exit
_XcptFilter
_cexit
exit
__p___initenv
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit
_controlfp

Exports

Exports

axgdkcsoanmlsitlgjftqfswb
cnidibfuruom
gxngztwxhahxazpzao
qhagxbaeaqoviywb
zcvxjvmpymusauaofmnmeggc

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf53dd02006652f4b7becc5d00c9d419

Headers

File Characteristics

Imports

kernel32

msvcr71

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 24KB - Virtual size: 278KB

.rsrc Size: 1024B - Virtual size: 952B

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 24KB - Virtual size: 278KB

.rsrc
Size: 1024B - Virtual size: 952B