1672c2a16eb38d1a95c0d97346b74718_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1672c2a16eb38d1a95c0d97346b74718_JaffaCakes118
Size

139KB
MD5

1672c2a16eb38d1a95c0d97346b74718
SHA1

c7f063a1331a9d1a593e9aaa02258efc4ee89544
SHA256

a297eb2b1b02b3c2092617a805ba6d01c9acbe710d8a427889e2e6a7f958366d
SHA512

154acaedcf4acf25224398963fa041d1a7e32ac3e7d8fcf5bd3d15ce9d03eea32c0a9e1e2a18749be0ef00b57a6695b641b33c2a550481a4942a41ce3dea6aef
SSDEEP

3072:+kI+3/yebBPf9c3di6wR3S0tI5dwZ28gXE2P:R5FFfG3rwF5GwZdgX5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1672c2a16eb38d1a95c0d97346b74718_JaffaCakes118

Files

1672c2a16eb38d1a95c0d97346b74718_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8a9a7bc50d23e8295fa67960c39b01b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TransactNamedPipe
CreateFileA
GetLastError
DeleteFileA
CopyFileA
SetFileAttributesA
GetFileAttributesA
GetModuleFileNameA
GetModuleHandleA
WideCharToMultiByte
GetTickCount
lstrcmpiA
CreateThread
ExitThread
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitProcess
MoveFileA
GetTempPathA
WaitForSingleObject
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetVersionExA
CreateProcessA
GetDriveTypeA
GetDiskFreeSpaceExA
GetLogicalDriveStringsA
TerminateThread
WriteFile
GetTimeFormatA
GetDateFormatA
GetSystemDirectoryA
GetLocaleInfoA
LoadLibraryA
GetProcAddress
OpenProcess
TerminateProcess
GetCurrentProcess
GetCurrentThread
lstrcatA
lstrcpyA
lstrcpynA
lstrcmpA
lstrlenA
ExpandEnvironmentStringsA
ReleaseMutex
CreateMutexA
LocalFree
LocalAlloc
SetFileTime
GetFileTime
GetWindowsDirectoryA
GetLocalTime
FindClose
FindNextFileA
FindFirstFileA
RemoveDirectoryA
GetStartupInfoA
CloseHandle
MultiByteToWideChar
GlobalMemoryStatus
Sleep

user32

SendMessageA
wsprintfA
IsCharAlphaNumericA
GetMenu
FindWindowA
IsWindow
FindWindowExA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

msvcrt

strtoul
_controlfp
??1type_info@@UAE@XZ
_except_handler3
__set_app_type
strlen
memcpy
memset
malloc
free
__CxxFrameHandler
_snprintf
wcscat
strcat
sprintf
rand
strcmp
_access
strncat
strtok
strncpy
srand
sscanf
strcpy
system
fclose
fgets
fopen
printf
strrchr
strchr
_strlwr
strstr
atoi
memcmp
_strdup
fread
ftell
fseek
_vsnprintf
??2@YAPAXI@Z
_splitpath
fprintf
_iob
toupper
wcslen
_CxxThrowException
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode

oleaut32

GetErrorInfo

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 48KB - Virtual size: 402KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

::ICU::
Size: 11KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8a9a7bc50d23e8295fa67960c39b01b4

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

oleaut32

Sections

.text Size: 74KB - Virtual size: 74KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 48KB - Virtual size: 402KB

::ICU:: Size: 11KB - Virtual size: 16KB

.text
Size: 74KB - Virtual size: 74KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 48KB - Virtual size: 402KB

::ICU::
Size: 11KB - Virtual size: 16KB