169978c6852b728513321960309c46f7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

169978c6852b728513321960309c46f7_JaffaCakes118
Size

188KB
MD5

169978c6852b728513321960309c46f7
SHA1

d3220e4f001d8a0212ba8878d6f1eaa42b52634c
SHA256

7e4c5f311b4fdf5fb8e7e80f057137e51a9626bdbdfc98b42c872be087652609
SHA512

20bf7b090ca6a07a692b872efd2fcb1f0fdd0773139101ddd0d065e184cc811a1b7428d2ba114919bbda2d9ddaf3195dfed60d22756553440d081bc08c9860ae
SSDEEP

3072:TptkvfWLS22ESQFViFLM8NnlFR+gqwMAAL4jrVOJVHPpNk21xRW9Cp8v8JNq0Ilc:TpGxQFVi5M8/FR+gqyAL4j0vHkk4964y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
169978c6852b728513321960309c46f7_JaffaCakes118

Files

169978c6852b728513321960309c46f7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d03785d401c7e27e5938517a66279d6b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetFocus

python23

PyModule_GetDict
PyMarshal_ReadObjectFromString
PySequence_Size
PySequence_GetItem
PyCode_Type
PyEval_EvalCode
PyErr_Print
PySys_SetArgv
Py_FdIsInteractive
PyRun_InteractiveLoop
Py_Finalize
Py_SetPythonHome
PyImport_AddModule
Py_OptimizeFlag
Py_SetProgramName
Py_Initialize
Py_GetPath
_Py_TrueStruct
PySys_SetObject
PyString_FromString
PyImport_ImportModule
PyCFunction_NewEx
PyObject_SetAttrString
PyArg_ParseTuple
PyInt_FromLong
PyRun_SimpleString
Py_NoSiteFlag

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_iob
strrchr
sprintf
_snprintf
strncpy
__p___argc
__p___argv
getenv
_putenv

kernel32

GetStartupInfoA
GetModuleHandleA
GetModuleFileNameA
GetLastError
FindResourceA
LoadResource
LockResource
GetFullPathNameA
FormatMessageA
LocalFree
lstrlenA

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 54KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d03785d401c7e27e5938517a66279d6b

Headers

File Characteristics

Imports

user32

python23

msvcrt

kernel32

Sections

.text Size: 4KB - Virtual size: 2KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 36KB - Virtual size: 35KB

.data Size: 72KB - Virtual size: 128KB

.text Size: 54KB - Virtual size: 1.1MB

.data Size: 8KB - Virtual size: 8KB

.text
Size: 4KB - Virtual size: 2KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 36KB - Virtual size: 35KB

.data
Size: 72KB - Virtual size: 128KB

.text
Size: 54KB - Virtual size: 1.1MB

.data
Size: 8KB - Virtual size: 8KB