057c129be2510568e173cf064b747401_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

057c129be2510568e173cf064b747401_JaffaCakes118
Size

136KB
MD5

057c129be2510568e173cf064b747401
SHA1

e594d4e4a3a95bb6f7998106b35b902a5fe9516a
SHA256

a9761d400f5291814d7176413a4258f0d05da60b2cd34f9600f4cc782421d6fb
SHA512

088336019c84181512093e3b59f65afc997e87bb3b56aee71c9acee1d5abbfc9a2b0c9fce0ed1a1d573035d9d8f023a5e235b808c23192c284d03a11fdd11e73
SSDEEP

3072:uZTETN95UzEbVQjxChV39dsEK77TE8woxIS7qUBu9zcA7zH:+cGQVG819dBK773wqfB0zH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
057c129be2510568e173cf064b747401_JaffaCakes118

Files

057c129be2510568e173cf064b747401_JaffaCakes118
.exe windows:4 windows x86 arch:x86

03d53ff8772694d893b0f0ea355b631d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msasn1

ASN1BERDecNotEndOfContents
ASN1BERDecOpenType
ASN1ztcharstring_free
ASN1_CreateEncoder
ASN1bitstring_cmp
ASN1_CreateDecoderEx
ASN1_CloseEncoder2
ASN1BERDecBool
ASN1Free
ASN1BERDecOpenType2
ASN1BERDecZeroCharString
ASN1BEREncObjectIdentifier2
ASN1objectidentifier_free
ASN1BERDecObjectIdentifier2
ASN1BEREncSX
ASN1CEREncFlushBlkElement

msvcrt40

_mbsstr
wcsncpy
_fdopen
fgets
_EH_prolog

kernel32

GetExitCodeThread
SearchPathW
CreateEventW
OpenProcess
GetLastError
GetCPInfoExA
IsBadStringPtrW
CreateThread
EnumSystemCodePagesA
GetOverlappedResult
LocalFree
OpenFile
GetConsoleCP
VirtualAlloc
GetCPInfoExW
OpenThread
FindResourceA
IsDBCSLeadByteEx
CreateFileW
GetModuleHandleW
GetConsoleMode
WaitForMultipleObjects
SetLastError
HeapCreate

traffic

TcDeregisterClient
TcCloseInterface
TcEnumerateFlows
TcEnumerateInterfaces
TcQueryInterface
TcQueryFlowW

msvcrt

_CItan
wcstoul
_read
_ismbblead
_time64
_CIacos
clock
_mbsnbcpy
bsearch
exit
_wsopen
__p___mb_cur_max
_wgetenv
_wsetlocale
_wfreopen

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CRT
Size: 5KB - Virtual size: 952KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbs
Size: 2.9MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

03d53ff8772694d893b0f0ea355b631d

Headers

File Characteristics

Imports

msasn1

msvcrt40

kernel32

traffic

msvcrt

Sections

.text Size: 10KB - Virtual size: 9KB

.CRT Size: 5KB - Virtual size: 952KB

.textbs Size: 2.9MB - Virtual size: 5.0MB

.tls Size: - Virtual size: 3KB

.idata Size: 512B - Virtual size: 24B

.rsrc Size: 39KB - Virtual size: 39KB

.text
Size: 10KB - Virtual size: 9KB

.CRT
Size: 5KB - Virtual size: 952KB

.textbs
Size: 2.9MB - Virtual size: 5.0MB

.tls
Size: - Virtual size: 3KB

.idata
Size: 512B - Virtual size: 24B

.rsrc
Size: 39KB - Virtual size: 39KB