00a296a520ca40b82c04705f63363779_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

00a296a520ca40b82c04705f63363779_JaffaCakes118
Size

50KB
MD5

00a296a520ca40b82c04705f63363779
SHA1

0c2dd8765d92b9776e7d7f71064e1a7cf9b1247c
SHA256

e54f4038ea624a0d872da7d243ebca24c88bb6c93b73eaa65ce85b43a8b0e4bc
SHA512

3db164a1924f221c88a5bdcdd14c914ec1f590b325a008e8b61c2b7346b9077cbed39a7807fbdf6ad66605b39c16b3e3b74bf1ae8a49e404ca32f94c455359af
SSDEEP

768:WExfqZsih1DujJQZhpG9Ok4BjUdcBLJFOQJs/0IzbnP5xOha5:FxfmsivuSTjUdEDOEs8IzbS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00a296a520ca40b82c04705f63363779_JaffaCakes118

Files

00a296a520ca40b82c04705f63363779_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ae5e9cf872f3163ee7f3879bba2dbac7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
TerminateProcess
OpenProcess
GetSystemTime
GetTempPathA
ExitProcess
SetFileAttributesA
GetModuleFileNameA
CloseHandle
SetFilePointer
WriteFile
CreateFileA
GetWindowsDirectoryA
SizeofResource
LockResource
FindResourceA
Sleep

user32

wsprintfA

msvcp60

?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?_Xlen@std@@YAXXZ

msvcrt

free
__CxxFrameHandler
wcscmp
??2@YAPAXI@Z

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.khe
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ae5e9cf872f3163ee7f3879bba2dbac7

Headers

File Characteristics

Imports

kernel32

user32

msvcp60

msvcrt

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 28KB - Virtual size: 28KB

.aspack Size: 4KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

.khe Size: - Virtual size: 4KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 28KB - Virtual size: 28KB

.aspack
Size: 4KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB

.khe
Size: - Virtual size: 4KB