02e5c20d6ef4adf7cc4be5bb002bcd91_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

02e5c20d6ef4adf7cc4be5bb002bcd91_JaffaCakes118
Size

3.0MB
MD5

02e5c20d6ef4adf7cc4be5bb002bcd91
SHA1

fe88b1f030e9ba16216b586fba853a1174fc58d3
SHA256

e5a9ee02dbf211f890d48bae5d6897a595d03997efc5e08c3e62deb0780f3123
SHA512

0cb982b00b613dc8d985ef3c672d0e8d4e8def99a96bf8a877ea544c9483c04c193a44d537de798a3df6257d69709dfe3d881581d404db561460a819ee0285b4
SSDEEP

49152:75eZR8PWg9lhvfwOl8y+9P4wgo+L/Y2twfNLGZcDxYBi7jp9l+qk48f9Tc9jLQgw:7sZRAjlhv4OP+tbL+02cOcp/+qhm9TG0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02e5c20d6ef4adf7cc4be5bb002bcd91_JaffaCakes118

Files

02e5c20d6ef4adf7cc4be5bb002bcd91_JaffaCakes118
.exe windows:4 windows x86 arch:x86

03d53ff8772694d893b0f0ea355b631d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msasn1

ASN1BERDecNotEndOfContents
ASN1BERDecOpenType
ASN1ztcharstring_free
ASN1_CreateEncoder
ASN1bitstring_cmp
ASN1_CreateDecoderEx
ASN1_CloseEncoder2
ASN1BERDecBool
ASN1Free
ASN1BERDecOpenType2
ASN1BERDecZeroCharString
ASN1BEREncObjectIdentifier2
ASN1objectidentifier_free
ASN1BERDecObjectIdentifier2
ASN1BEREncSX
ASN1CEREncFlushBlkElement

msvcrt40

_mbsstr
wcsncpy
_fdopen
fgets
_EH_prolog

kernel32

GetExitCodeThread
SearchPathW
CreateEventW
OpenProcess
GetLastError
GetCPInfoExA
IsBadStringPtrW
CreateThread
EnumSystemCodePagesA
GetOverlappedResult
LocalFree
OpenFile
GetConsoleCP
VirtualAlloc
GetCPInfoExW
OpenThread
FindResourceA
IsDBCSLeadByteEx
CreateFileW
GetModuleHandleW
GetConsoleMode
WaitForMultipleObjects
SetLastError
HeapCreate

traffic

TcDeregisterClient
TcCloseInterface
TcEnumerateFlows
TcEnumerateInterfaces
TcQueryInterface
TcQueryFlowW

msvcrt

_CItan
wcstoul
_read
_ismbblead
_time64
_CIacos
clock
_mbsnbcpy
bsearch
exit
_wsopen
__p___mb_cur_max
_wgetenv
_wsetlocale
_wfreopen

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CRT
Size: 5KB - Virtual size: 952KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbs
Size: 2.9MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

03d53ff8772694d893b0f0ea355b631d

Headers

File Characteristics

Imports

msasn1

msvcrt40

kernel32

traffic

msvcrt

Sections

.text Size: 10KB - Virtual size: 9KB

.CRT Size: 5KB - Virtual size: 952KB

.textbs Size: 2.9MB - Virtual size: 5.0MB

.tls Size: - Virtual size: 3KB

.idata Size: 512B - Virtual size: 24B

.rsrc Size: 39KB - Virtual size: 39KB

.text
Size: 10KB - Virtual size: 9KB

.CRT
Size: 5KB - Virtual size: 952KB

.textbs
Size: 2.9MB - Virtual size: 5.0MB

.tls
Size: - Virtual size: 3KB

.idata
Size: 512B - Virtual size: 24B

.rsrc
Size: 39KB - Virtual size: 39KB