3adee0ba15e9b93061d1f629d839207f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3adee0ba15e9b93061d1f629d839207f_JaffaCakes118
Size

765KB
MD5

3adee0ba15e9b93061d1f629d839207f
SHA1

4202df1da7fcd8b6f7daf7a2a994f6ccb59ee1d7
SHA256

a8e0818320e378276fa35ede5cd1d4769a03308c4440810ddd086996e2e6e963
SHA512

f49fc8ffd2c9a88b578a16cd79e8c79042d9dbf7d1aec7acb97b2cb661c5860b7ad14307e90e351ce5fb3ced7ac5d2e83865207a3cd8c2ac2e96ab4b66a6fe80
SSDEEP

12288:sjjb1WllHjXuk/RbkIASAQtvth3wq20eG/OoGmSKeLJU/h2G293eJe0ZZh5Kn5KK:sjclHjXuGRbkIASAQtvH3wq20eG/OoGb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3adee0ba15e9b93061d1f629d839207f_JaffaCakes118

Files

3adee0ba15e9b93061d1f629d839207f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

23dc090bcc785421097ef1724c4b0dbc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateThread
DeleteCriticalSection
DeleteFileA
EnterCriticalSection
EnumResourceLanguagesA
EnumResourceNamesA
EnumResourceTypesA
ExitProcess
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FindResourceExA
FreeResource
GetACP
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileAttributesA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetThreadPriority
HeapAlloc
HeapFree
InitializeCriticalSection
LeaveCriticalSection
LoadResource
LocalAlloc
LocalFree
LockResource
MultiByteToWideChar
ReadFile
ReadProcessMemory
ResetEvent
ResumeThread
SetEvent
SetFilePointer
SetLastError
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
TerminateThread
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile

oleaut32

SysAllocStringLen
SysFreeString
SysReAllocStringLen

user32

CharLowerBuffW
CharUpperBuffW
MessageBoxA

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 14KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.stab
Size: 243KB - Virtual size: 242KB

IMAGE_SCN_MEM_DISCARDABLE

.stabstr
Size: 432KB - Virtual size: 432KB

IMAGE_SCN_MEM_DISCARDABLE

Sharing

General

Malware Config

Signatures

Files

23dc090bcc785421097ef1724c4b0dbc

Headers

File Characteristics

Imports

kernel32

oleaut32

user32

Sections

.text Size: 48KB - Virtual size: 48KB

.data Size: 3KB - Virtual size: 2KB

.bss Size: - Virtual size: 14KB

.CRT Size: 512B - Virtual size: 12B

.idata Size: 2KB - Virtual size: 2KB

.stab Size: 243KB - Virtual size: 242KB

.stabstr Size: 432KB - Virtual size: 432KB

.text
Size: 48KB - Virtual size: 48KB

.data
Size: 3KB - Virtual size: 2KB

.bss
Size: - Virtual size: 14KB

.CRT
Size: 512B - Virtual size: 12B

.idata
Size: 2KB - Virtual size: 2KB

.stab
Size: 243KB - Virtual size: 242KB

.stabstr
Size: 432KB - Virtual size: 432KB