378ee9ec2205d422abd4037dadfe230b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

378ee9ec2205d422abd4037dadfe230b_JaffaCakes118
Size

42KB
MD5

378ee9ec2205d422abd4037dadfe230b
SHA1

37cba6195e0df840d5ab1403cb507a2db0607805
SHA256

af7a760644ed72911a647cca4b0af9101fccb7698a72395d53353af538b11602
SHA512

11501b554e479d428503dd739b6d0dee084f6b327cccb012c305893b3dc1b8889957faee9a0b56dbc2351884e65e2d1a6138666f2934d256c35f4baa4b9ebd78
SSDEEP

768:FEFb93Dzeb+8b9I/6aKluyOpEHdFfYejAK6UesDx9+wsX:6Fb5/a+8pBlu7EHdxdaUesmx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
378ee9ec2205d422abd4037dadfe230b_JaffaCakes118

Files

378ee9ec2205d422abd4037dadfe230b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3e64cb27028503c9a5b85fb7d7ff66b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
InterlockedIncrement
GetModuleHandleA
GetStartupInfoA

pk79

ord10011
ord1844
ord6326
ord10104
ord482
ord2947
ord395
ord8535
ord1333
ord9666
ord9992
ord5981
ord2138
ord332
ord2714
ord138
ord955
ord8205
ord6415
ord3026
ord8854
ord5320
ord918
ord7761
ord3426
ord7251
ord6375
ord1776
ord4569
ord8911
ord7259
ord7776
ord1270
ord5495
ord1733
ord5956
ord9506
ord8136
ord4633
ord8017
ord9220
ord3161
ord8119
ord7257
ord9370
ord5632
ord1585
ord7458
ord9638
ord5624
ord274
ord4232
ord9089
ord8561
ord9190
ord8162
ord6245
ord1109
ord4425
ord584
ord435
ord8627
ord2523
ord7154
ord680
ord8968
ord9456
ord8715
ord7416
ord2636
ord981
ord2404
ord9954
ord4049
ord5343
ord6826
ord4587
ord7657
ord2950
ord2853
ord4052
ord4041
ord9118
ord8447
ord4908
ord7175
ord5700
ord2861
ord5899
ord8850
ord9262
ord9246
ord6161
ord2944
ord740
ord734
ord9626
ord6499
ord83
ord439
ord6209
ord7017
ord1870

msvcr71

_controlfp
__dllonexit
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
??1type_info@@UAE@XZ
_except_handler3
?terminate@@YAXXZ
strlen
_CxxThrowException
__CxxLongjmpUnwind
_setjmp3
_purecall
??2@YAPAXI@Z
??3@YAXPAX@Z
__CxxFrameHandler
_onexit

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

CONST
Size: 512B - Virtual size: 139B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

xdata
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

text
Size: 512B - Virtual size: 130B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_DATA
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e64cb27028503c9a5b85fb7d7ff66b0

Headers

File Characteristics

Imports

kernel32

pk79

msvcr71

Sections

.text Size: 5KB - Virtual size: 4KB

CONST Size: 512B - Virtual size: 139B

_TEXT Size: 10KB - Virtual size: 10KB

xdata Size: 512B - Virtual size: 320B

text Size: 512B - Virtual size: 130B

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 144B

_DATA Size: 1024B - Virtual size: 844B

.rsrc Size: 19KB - Virtual size: 19KB

.text
Size: 5KB - Virtual size: 4KB

CONST
Size: 512B - Virtual size: 139B

_TEXT
Size: 10KB - Virtual size: 10KB

xdata
Size: 512B - Virtual size: 320B

text
Size: 512B - Virtual size: 130B

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 144B

_DATA
Size: 1024B - Virtual size: 844B

.rsrc
Size: 19KB - Virtual size: 19KB