ec092f333ce6f60e9f483bd15c4b41f2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ec092f333ce6f60e9f483bd15c4b41f2_JaffaCakes118
Size

50KB
MD5

ec092f333ce6f60e9f483bd15c4b41f2
SHA1

1c485514d05986a1fbe7f5dd75201dc676f101a5
SHA256

d18dc89eee1957ffacbc85e3436e52c474f79000ab21ccb58ace50f383fddbdd
SHA512

ac93be78937aa8bf561a87e1befd0503e540ddadd50e67a848e600ef35a7b13c09d80c91cb0f18a2d4842f949a151cba25a55976007dd1d96a9da248a253f6f3
SSDEEP

1536:DQnSuPXKKhksv0n/9W1RirH2K9Lqrbs8V2G67hR+22SLQmphSNSvgb1lm9iFFDZx:DQnSuPXlhksv0/9W1grH2K9GNQG67hY/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec092f333ce6f60e9f483bd15c4b41f2_JaffaCakes118

Files

ec092f333ce6f60e9f483bd15c4b41f2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a46db568ea776ce0219939e472129b43

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_stricmp
fclose
fopen
memmove
toupper
strncpy
sprintf
_strnicmp
time
_ftol
_fullpath
_strupr
strchr
_purecall
malloc
_splitpath
_onexit
_itoa
atol
_initterm
vprintf
_ultoa
strpbrk
_ltoa
_except_handler3
_snprintf
strtok
__dllonexit
swprintf
vsprintf
isprint
_makepath
printf
wcslen
strtoul
_vsnprintf
rand
free
fflush
_adjust_fdiv
fprintf
_iob

advapi32

RegisterEventSourceA
RegQueryValueExA
RegSetValueExA
RegDeleteKeyA
RegCloseKey
ReportEventA
RegOpenKeyExA
RegCreateKeyExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegDeleteValueA
DeregisterEventSource

winmm

auxSetVolume

lz32

LZClose

kernel32

ReadProcessMemory
CreateMutexA
CreateFileMappingA
lstrcpyA
GetProcAddress
lstrlenA
Sleep
GetCurrentProcessId
GetProcessHeap
ResetEvent
SleepEx
VirtualQuery
VirtualAlloc
QueryPerformanceFrequency
TlsAlloc
GetFileSize
GetSystemDefaultLangID
ReadFileEx
UnhandledExceptionFilter
CreateSemaphoreA
GlobalFree
HeapDestroy
GetDiskFreeSpaceA
CopyFileA
TerminateProcess
CreateThread
GetExitCodeThread
EnterCriticalSection
LeaveCriticalSection
FindClose
GetUserDefaultLangID
LCMapStringW
IsProcessorFeaturePresent
ReadFile
WaitForMultipleObjectsEx
lstrcmpA
InitializeCriticalSection
HeapCreate
RemoveDirectoryA
GetDriveTypeA
GlobalAlloc
WriteFileEx
GetCurrentThread
SetFilePointer
MoveFileA
DeleteFileA
FreeLibrary
DebugBreak
CreateDirectoryA
HeapFree
TlsFree
FindFirstFileA
GlobalMemoryStatus
DeleteCriticalSection
UnmapViewOfFile
GetCurrentThreadId
GetVersionExA
GetLocalTime
LoadLibraryA
GetSystemInfo
CreateFileA
ReleaseSemaphore
VirtualFree
GetTickCount
InterlockedIncrement
GetCurrentProcess
FindNextFileA
IsValidLocale
SetEndOfFile
OutputDebugStringA
CloseHandle
QueryPerformanceCounter
ReleaseMutex
GetLastError
HeapAlloc
GetOverlappedResult
SetThreadPriority
FlushFileBuffers
GetFileAttributesA
MapViewOfFile
CreateEventA
SetEvent
WriteFile
ExpandEnvironmentStringsA
WaitForSingleObject
WaitForSingleObjectEx
GetModuleHandleA
TlsSetValue
GetModuleFileNameA
TlsGetValue

Sections

.textbss
Size: 43KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a46db568ea776ce0219939e472129b43

Headers

File Characteristics

Imports

msvcrt

advapi32

winmm

lz32

kernel32

Sections

.textbss Size: 43KB - Virtual size: 1.3MB

.text Size: 512B - Virtual size: 420B

.idata Size: 4KB - Virtual size: 3KB

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 512B - Virtual size: 4B

.textbss
Size: 43KB - Virtual size: 1.3MB

.text
Size: 512B - Virtual size: 420B

.idata
Size: 4KB - Virtual size: 3KB

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 512B - Virtual size: 4B