09e50f3c33735e7785a4dec9bb02008c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

09e50f3c33735e7785a4dec9bb02008c_JaffaCakes118
Size

124KB
MD5

09e50f3c33735e7785a4dec9bb02008c
SHA1

909ff4eed79d2aa3a6910443bc87414741e3f424
SHA256

d58236826e64526cf83b9f5c0d38fc023ea354a0672e767957c073a894f5a465
SHA512

d1d7486bc7e577fc074e8f2fc061bfebb33a44d93c3efcd15341863cf77bb348d430afb8d6960edc806a4de3e762eb18616c9078bb1cdc18ad063d14b796f0c7
SSDEEP

3072:UHxqMdZwsH4vBmFTK0AkgY+CJsCclCsBOnsz9:URq5S66TKQgYtcF5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09e50f3c33735e7785a4dec9bb02008c_JaffaCakes118

Files

09e50f3c33735e7785a4dec9bb02008c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

396e2b7634a17325b46fa74fbb2dd0a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetShortPathNameA
MapViewOfFileEx
GetProcAddress
CreateFileA
GetProcessWorkingSetSize
DeleteFiber
HeapDestroy
GetProfileStringA
DuplicateHandle
SleepEx
GetNamedPipeHandleStateA
ResetEvent
CreateIoCompletionPort
FreeLibrary
DisconnectNamedPipe
IsBadWritePtr
SetFileAttributesA
ClearCommBreak
GetConsoleCP
OutputDebugStringA
GetUserDefaultLCID
DeleteFileA
LocalFlags
PurgeComm
LocalUnlock
AreFileApisANSI
QueryDosDeviceA
GetEnvironmentVariableA
CreateEventA
GetCommConfig
UnlockFile
GetPriorityClass
GetThreadPriorityBoost
WriteFile
GetVersion
VirtualLock
DosDateTimeToFileTime
GetACP
ContinueDebugEvent
GetPrivateProfileStructA
GetProcessAffinityMask
HeapReAlloc
GlobalWire
LocalLock
GetModuleHandleA
SetFilePointer
SetErrorMode
GlobalHandle
GetSystemDefaultLangID
MapViewOfFile
FindNextChangeNotification
WriteProfileStringA
WritePrivateProfileSectionA
FindResourceExA
ClearCommError
VirtualProtectEx
GetThreadContext
GlobalCompact
WriteProcessMemory
FlushConsoleInputBuffer
WaitForMultipleObjectsEx
GetPrivateProfileSectionA
SizeofResource
LockResource
GetSystemDefaultUILanguage
WritePrivateProfileStringA
IsBadCodePtr
ReleaseMutex
GetSystemDirectoryA
FlushFileBuffers
GetOEMCP
FindAtomA
GetLargestConsoleWindowSize
LocalFree
GetProcessVersion
CancelIo
IsDebuggerPresent
SearchPathA
ReadConsoleA
WideCharToMultiByte
LocalCompact
GetProcessHeaps
GetLocalTime
WaitForSingleObjectEx
CreateConsoleScreenBuffer
FormatMessageA
ReleaseSemaphore
HeapValidate
GetModuleFileNameA
QueueUserAPC
EraseTape
GetFullPathNameA
AddAtomA
GetProfileIntA
GetEnvironmentStrings
GlobalFlags
GetHandleInformation
VirtualAlloc
CreateSemaphoreA
GetTickCount
IsBadHugeWritePtr
SetFileTime
IsBadReadPtr
GlobalFree
GetLongPathNameA
GetCommModemStatus
WaitForSingleObject
GlobalAddAtomA
OpenMutexA
OpenProcess
CreateMutexA
MoveFileA
GetCurrentProcess
GetConsoleCursorInfo
AllocConsole
ReadFile
DeleteAtom
FindFirstChangeNotificationA
GlobalReAlloc
CopyFileA
GetCurrentProcessId
GetProcessHeap
CopyFileExA
Sleep
GlobalFix
GetSystemDefaultLCID
VirtualQueryEx
VirtualUnlock
PeekNamedPipe
GetPrivateProfileIntA
HeapFree
GetCPInfoExA
GetConsoleOutputCP
VirtualAllocEx
GetCommandLineA
BeginUpdateResourceA
CreateFiber
PeekConsoleInputA
GetStartupInfoA

msvcrt

rand
srand
time
__set_app_type
_controlfp
exit
strstr

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

396e2b7634a17325b46fa74fbb2dd0a6

Headers

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 15KB - Virtual size: 14KB

.data Size: 109KB - Virtual size: 108KB

.text
Size: 15KB - Virtual size: 14KB

.data
Size: 109KB - Virtual size: 108KB