f6822e9f7dcced6e81753152ae657c07_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f6822e9f7dcced6e81753152ae657c07_JaffaCakes118
Size

162KB
MD5

f6822e9f7dcced6e81753152ae657c07
SHA1

b9fbae0227afc89cde648813401c0df9fa5075ca
SHA256

5ac90196f4eec634031461660b5eab0f993c4ded1115402e2638f739238f6185
SHA512

b6a2956388f4d36d796a19bc419541bdc3b51bb3278d44350587cf1ca01a33b849dfabefd6eacf0725511803220e6470fd86f834f2d875318bb87877eec35981
SSDEEP

3072:uZTETN95UzEbVQjxChV39dsEK77TE8woxIS7qUBu9zcA7zxsDSmbCflV2k:+cGQVG819dBK773wqfB0zK82k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6822e9f7dcced6e81753152ae657c07_JaffaCakes118

Files

f6822e9f7dcced6e81753152ae657c07_JaffaCakes118
.exe windows:4 windows x86 arch:x86

03d53ff8772694d893b0f0ea355b631d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msasn1

ASN1BERDecNotEndOfContents
ASN1BERDecOpenType
ASN1ztcharstring_free
ASN1_CreateEncoder
ASN1bitstring_cmp
ASN1_CreateDecoderEx
ASN1_CloseEncoder2
ASN1BERDecBool
ASN1Free
ASN1BERDecOpenType2
ASN1BERDecZeroCharString
ASN1BEREncObjectIdentifier2
ASN1objectidentifier_free
ASN1BERDecObjectIdentifier2
ASN1BEREncSX
ASN1CEREncFlushBlkElement

msvcrt40

_mbsstr
wcsncpy
_fdopen
fgets
_EH_prolog

kernel32

GetExitCodeThread
SearchPathW
CreateEventW
OpenProcess
GetLastError
GetCPInfoExA
IsBadStringPtrW
CreateThread
EnumSystemCodePagesA
GetOverlappedResult
LocalFree
OpenFile
GetConsoleCP
VirtualAlloc
GetCPInfoExW
OpenThread
FindResourceA
IsDBCSLeadByteEx
CreateFileW
GetModuleHandleW
GetConsoleMode
WaitForMultipleObjects
SetLastError
HeapCreate

traffic

TcDeregisterClient
TcCloseInterface
TcEnumerateFlows
TcEnumerateInterfaces
TcQueryInterface
TcQueryFlowW

msvcrt

_CItan
wcstoul
_read
_ismbblead
_time64
_CIacos
clock
_mbsnbcpy
bsearch
exit
_wsopen
__p___mb_cur_max
_wgetenv
_wsetlocale
_wfreopen

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CRT
Size: 5KB - Virtual size: 952KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbs
Size: 2.9MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

03d53ff8772694d893b0f0ea355b631d

Headers

File Characteristics

Imports

msasn1

msvcrt40

kernel32

traffic

msvcrt

Sections

.text Size: 10KB - Virtual size: 9KB

.CRT Size: 5KB - Virtual size: 952KB

.textbs Size: 2.9MB - Virtual size: 5.0MB

.tls Size: - Virtual size: 3KB

.idata Size: 512B - Virtual size: 24B

.rsrc Size: 39KB - Virtual size: 39KB

.text
Size: 10KB - Virtual size: 9KB

.CRT
Size: 5KB - Virtual size: 952KB

.textbs
Size: 2.9MB - Virtual size: 5.0MB

.tls
Size: - Virtual size: 3KB

.idata
Size: 512B - Virtual size: 24B

.rsrc
Size: 39KB - Virtual size: 39KB