02c4a254f85f1292e225aa9046b88e5c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

02c4a254f85f1292e225aa9046b88e5c_JaffaCakes118
Size

124KB
MD5

02c4a254f85f1292e225aa9046b88e5c
SHA1

38669ae0a202bc95a4075970a88e5a7bf95fb8a6
SHA256

2855702b51924978bddb5e041b76d829a60c5bd4a3bb8a939626a4fc0808b227
SHA512

52ac5aacc3f06cedb1c69e1f75cfbe5648af74514d31ff2dd13d02ffc84e73cb5307ad58e90235b6bda6bb6e5b2f7828ef42f72133e54fd0c109d6aa4edd8c9e
SSDEEP

1536:/YPrhqatXUfr+hY6RJUZSGPLXWchTOB9y/kagal6YbrSEP:/YPrhqatXUfSh7JUZlT52Hw6yrSEP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02c4a254f85f1292e225aa9046b88e5c_JaffaCakes118

Files

02c4a254f85f1292e225aa9046b88e5c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ef273bf430da3d72153a914f75ff4ddb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

javac2.pdb

Imports

kernel32

InterlockedExchange
HeapFree
FreeEnvironmentStringsW
LCMapStringA
CreateProcessA
GetCurrentDirectoryW
TlsSetValue
RtlUnwind
EnterCriticalSection
HeapReAlloc
GetSystemTimeAsFileTime
HeapDestroy
HeapSize
GetOEMCP
GetTimeZoneInformation
TlsAlloc
GetStringTypeW
FormatMessageA
TerminateProcess
GetStartupInfoA
SetEnvironmentVariableA
FileTimeToLocalFileTime
SetHandleCount
TlsFree
InitializeCriticalSection
GetExitCodeProcess
GetTickCount
FreeEnvironmentStringsA
HeapCreate
FlushFileBuffers
SetLastError
GetExitCodeThread
LCMapStringW
GetDriveTypeA
QueryPerformanceCounter
ReadFile
FindClose
GetCommandLineA
GetEnvironmentStringsW
GetLastError
SetEnvironmentVariableW
GetProcAddress
MultiByteToWideChar
GetStringTypeA
GetEnvironmentStrings
ExitThread
FreeLibrary
GetFileType
QueryPerformanceFrequency
WideCharToMultiByte
ExitProcess
GetFileAttributesA
LocalFree
GetCurrentProcess
SetFilePointer
DeleteCriticalSection
UnhandledExceptionFilter
GetModuleHandleA
LeaveCriticalSection
FindNextFileA
GetLocaleInfoA
GetCPInfo
HeapAlloc
GetModuleFileNameA
GetCurrentThreadId
CompareStringA
GetCurrentDirectoryA
LoadLibraryA
CloseHandle
SetStdHandle
GetACP
WaitForSingleObject
GetStdHandle
FileTimeToSystemTime
IsValidLanguageGroup
GetSystemInfo
GetVersionExA
SetEndOfFile
TlsGetValue
FindFirstFileA

advapi32

RegEnumKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

Sections

.text
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef273bf430da3d72153a914f75ff4ddb

Headers

File Characteristics

PDB Paths

Imports

kernel32

advapi32

Sections

.text Size: 100KB - Virtual size: 96KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1.2MB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 100KB - Virtual size: 96KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1.2MB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 8KB - Virtual size: 4KB