02872c0696f78a9099f5a2be1da373b0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

02872c0696f78a9099f5a2be1da373b0_JaffaCakes118
Size

119KB
MD5

02872c0696f78a9099f5a2be1da373b0
SHA1

1f7457058d811766ff5d0dab3d24fde06eb9b8d2
SHA256

7792dfe80d6355c8c11a1233cc9d8fc147405edc434126ccf545e93fadffeb0e
SHA512

20cb066734bc5a9862ac0462cf680f3dff3df4e0bd5c99ab334ffeac72cf30188d5aadb2158982a98dfeac04d2199986ff5e4f7db20732c7ecfdabf5193bd9e1
SSDEEP

3072:9yDuDpK3buATSMB0mLOao4C5rYBCzjDNKOJA/f6MHCdrLB:5yiQSMJ/Ch34OOKhLB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02872c0696f78a9099f5a2be1da373b0_JaffaCakes118

Files

02872c0696f78a9099f5a2be1da373b0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7f26b90e8468873dc615d4edb7441bea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoA
VerFindFileW
VerLanguageNameA
VerQueryValueW
VerQueryValueA

shell32

CommandLineToArgvW
ShellExecuteA
SHBindToParent
SHChangeNotify
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetDesktopFolder
ShellExecuteExW
SHGetFolderPathW
DragQueryFileW
SHFileOperationW
ShellExecuteW
SHGetFileInfoW
SHGetPathFromIDListA
DragQueryFileA

kernel32

GetExitCodeProcess
MulDiv
FindFirstFileW
GetLastError
SetEndOfFile
CreateThread
Sleep
GetModuleFileNameA
GetCurrentThreadId
GetCommandLineW
GetFileAttributesW
PurgeComm
ExitProcess
GetVersion
CreateMutexA
IsBadReadPtr
ResumeThread
WaitForSingleObject
SetLastError
GetConsoleMode
GetExitCodeThread
FindResourceW
OpenMutexA
FindNextFileA
GetTickCount
GetFileSize
SetErrorMode
GetFileAttributesA
GetModuleHandleA
IsBadWritePtr
VirtualAlloc
GetDriveTypeA

msvcrt

_ultoa
malloc
_acmdln
strtoul
wcstombs
_exit
_commit
__p__iob
atol
_CIacos
_CxxThrowException
mbstowcs
_finite
__p__commode
isspace
_ftol
wcscspn
strchr
wcschr
_stat
_rotl
towupper
atoi
isxdigit
fflush
_access
__setusermatherr
rand
wcstol
ctime
srand
_rotr
__p__osver
__getmainargs
iswalpha
_snprintf
_chsize

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textbss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbss
Size: - Virtual size: 299B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f26b90e8468873dc615d4edb7441bea

Headers

File Characteristics

Imports

version

shell32

kernel32

msvcrt

Sections

.text Size: 3KB - Virtual size: 2KB

.textbss Size: - Virtual size: 3KB

BSS Size: - Virtual size: 1KB

.textbss Size: - Virtual size: 299B

DATA Size: - Virtual size: 2KB

DATA Size: - Virtual size: 2.3MB

.tls Size: 3.5MB - Virtual size: 3.5MB

.tls Size: - Virtual size: 28KB

.rsrc Size: 17KB - Virtual size: 17KB

.text
Size: 3KB - Virtual size: 2KB

.textbss
Size: - Virtual size: 3KB

BSS
Size: - Virtual size: 1KB

.textbss
Size: - Virtual size: 299B

DATA
Size: - Virtual size: 2KB

DATA
Size: - Virtual size: 2.3MB

.tls
Size: 3.5MB - Virtual size: 3.5MB

.tls
Size: - Virtual size: 28KB

.rsrc
Size: 17KB - Virtual size: 17KB