38b15919f9ea7d4a58b5f0de51b193f5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

38b15919f9ea7d4a58b5f0de51b193f5_JaffaCakes118
Size

285KB
MD5

38b15919f9ea7d4a58b5f0de51b193f5
SHA1

e4f0ad83b730bc352666c14d625e78546c961120
SHA256

683028b8d707d10e5870d5ae7b5400b6fd6f490db1fc3434d677eb4e8d080d33
SHA512

f67eaddec436baa2d98fbfc9907bc305e6a27fafd57126b48faf217d1d4197ebe93bed9db955a7c712fc13383257918025d3edc3af8ca21ef9dced2489c3a6aa
SSDEEP

6144:FWbwFXdRor1953SZtIONzFJ4BsBQDagtv7VVcoSnJAWpLj8LMmkq:jFXdG53SvbJ82grHOAWaLE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38b15919f9ea7d4a58b5f0de51b193f5_JaffaCakes118

Files

38b15919f9ea7d4a58b5f0de51b193f5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

51e31036df919c2cbf3d7c5a74e28d06

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

ngen.pdb

Imports

msvcr100_clr0400

?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_controlfp_s
_invoke_watson
?terminate@@YAXXZ
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__set_app_type
_fmode
_commode
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__winitenv
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
towupper
free
malloc
_putws
_flushall
wcstoul
_vsnprintf
wcsncmp
strncmp
_vsnwprintf_s
_vsnprintf_s
_errno
strcpy_s
wcsncpy_s
exit
wcscpy_s
_CxxThrowException
_wtoi
_wcsicmp
tolower
_wcsnicmp
_purecall
memset
wcscat_s
__CxxFrameHandler3
memcpy
memmove
_vswprintf_c_l

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey
TraceEvent

kernel32

GetEnvironmentVariableW
HeapValidate
HeapDestroy
HeapCreate
VirtualProtect
VirtualQuery
VirtualFree
VirtualAlloc
SleepEx
ReleaseMutex
CreateMutexW
WaitForSingleObjectEx
HeapFree
GetProcessHeap
HeapAlloc
TlsFree
TlsSetValue
ReleaseSemaphore
CreateSemaphoreW
ResetEvent
SetEvent
CreateEventW
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DebugBreak
OutputDebugStringW
CreateProcessW
DecodePointer
EncodePointer
InterlockedExchange
Sleep
HeapSetInformation
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
UnhandledExceptionFilter
IsDebuggerPresent
TlsAlloc
FreeLibrary
CloseHandle
WaitForSingleObject
GetFileAttributesW
GetFullPathNameW
GetModuleFileNameW
GetModuleHandleW
GetCurrentProcessId
GetLocalTime
WriteFile
GetStdHandle
WideCharToMultiByte
GetConsoleOutputCP
GetCurrentDirectoryW
SetErrorMode
GetLastError
GetProcAddress
GetVersion
TlsGetValue
InterlockedCompareExchange
SetLastError
LoadLibraryExW
LoadLibraryW
LocalFree
LCMapStringW
MultiByteToWideChar
IsDBCSLeadByte
GetCPInfo
GetACP
FormatMessageW
GetCurrentThreadId
GetSystemTimeAsFileTime
RaiseException
SetFilePointer
CreateFileW
MoveFileExW
GetFileAttributesExW
lstrlenW
TerminateProcess
GetCurrentProcess

mscoree

GetRequestedRuntimeInfo
CLRCreateInstance
CorBindToRuntime
GetRealProcAddress
CorGetSvc
GetCORSystemDirectory

oleaut32

SetErrorInfo
SysAllocString
SysFreeString

user32

LoadStringW

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

PACK
Size: 144KB - Virtual size: 380KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

51e31036df919c2cbf3d7c5a74e28d06

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcr100_clr0400

advapi32

kernel32

mscoree

oleaut32

user32

Sections

.text Size: 108KB - Virtual size: 107KB

.data Size: 16KB - Virtual size: 18KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 14KB - Virtual size: 13KB

PACK Size: 144KB - Virtual size: 380KB

.text
Size: 108KB - Virtual size: 107KB

.data
Size: 16KB - Virtual size: 18KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 14KB - Virtual size: 13KB

PACK
Size: 144KB - Virtual size: 380KB