2e1c462453f9505d5b13bd9f898b3b99_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e1c462453f9505d5b13bd9f898b3b99_JaffaCakes118
Size

126KB
MD5

2e1c462453f9505d5b13bd9f898b3b99
SHA1

6196bcbfde51b1494ca3a16a1873b0226b5bd66a
SHA256

a687a8105611fc3af7a83cc7f92502034e3e30b2815aa63c2c3d116e5783e41b
SHA512

353e24ef0a3c7d9695ffa0d6b9d4ac7f6a70341c5400c7c0bf1aa901be5ab9bc332126c37cdc6b42fda8aa2bfa2c9313f565ac1a012cb0e95c69e63afbeb9362
SSDEEP

3072:uZTETN95UzEbVQjxChV39dsEK77TE8woxIS7qUBu94:+cGQVG819dBK773wqfBX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e1c462453f9505d5b13bd9f898b3b99_JaffaCakes118

Files

2e1c462453f9505d5b13bd9f898b3b99_JaffaCakes118
.exe windows:4 windows x86 arch:x86

03d53ff8772694d893b0f0ea355b631d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msasn1

ASN1BERDecNotEndOfContents
ASN1BERDecOpenType
ASN1ztcharstring_free
ASN1_CreateEncoder
ASN1bitstring_cmp
ASN1_CreateDecoderEx
ASN1_CloseEncoder2
ASN1BERDecBool
ASN1Free
ASN1BERDecOpenType2
ASN1BERDecZeroCharString
ASN1BEREncObjectIdentifier2
ASN1objectidentifier_free
ASN1BERDecObjectIdentifier2
ASN1BEREncSX
ASN1CEREncFlushBlkElement

msvcrt40

_mbsstr
wcsncpy
_fdopen
fgets
_EH_prolog

kernel32

GetExitCodeThread
SearchPathW
CreateEventW
OpenProcess
GetLastError
GetCPInfoExA
IsBadStringPtrW
CreateThread
EnumSystemCodePagesA
GetOverlappedResult
LocalFree
OpenFile
GetConsoleCP
VirtualAlloc
GetCPInfoExW
OpenThread
FindResourceA
IsDBCSLeadByteEx
CreateFileW
GetModuleHandleW
GetConsoleMode
WaitForMultipleObjects
SetLastError
HeapCreate

traffic

TcDeregisterClient
TcCloseInterface
TcEnumerateFlows
TcEnumerateInterfaces
TcQueryInterface
TcQueryFlowW

msvcrt

_CItan
wcstoul
_read
_ismbblead
_time64
_CIacos
clock
_mbsnbcpy
bsearch
exit
_wsopen
__p___mb_cur_max
_wgetenv
_wsetlocale
_wfreopen

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CRT
Size: 5KB - Virtual size: 952KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbs
Size: 2.9MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

03d53ff8772694d893b0f0ea355b631d

Headers

File Characteristics

Imports

msasn1

msvcrt40

kernel32

traffic

msvcrt

Sections

.text Size: 10KB - Virtual size: 9KB

.CRT Size: 5KB - Virtual size: 952KB

.textbs Size: 2.9MB - Virtual size: 5.0MB

.tls Size: - Virtual size: 3KB

.idata Size: 512B - Virtual size: 24B

.rsrc Size: 39KB - Virtual size: 39KB

.text
Size: 10KB - Virtual size: 9KB

.CRT
Size: 5KB - Virtual size: 952KB

.textbs
Size: 2.9MB - Virtual size: 5.0MB

.tls
Size: - Virtual size: 3KB

.idata
Size: 512B - Virtual size: 24B

.rsrc
Size: 39KB - Virtual size: 39KB