44b9f3b74425812ef25a7b3f46483bec_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

44b9f3b74425812ef25a7b3f46483bec_JaffaCakes118
Size

324KB
MD5

44b9f3b74425812ef25a7b3f46483bec
SHA1

6dbc6431f1a8b683a16c9e435d6ba5101ae73993
SHA256

a294a805a378b6e0c0893a873271360ba66f3fecbf093fca2d1b6af14bcb6ccb
SHA512

91bf122475f5cd7f52aa2e599d1ab6e1029473865ef7ba062e3d6cf50ca489668a4662d55469337afd297f57ea69ab5882267f410f33d277c915f533c25d9b5f
SSDEEP

6144:uaWYs3WH0OFO/k0wrZ9CESnXs4hg0ybrMRgDPU+GK:rWYs3WHfvZLS8cmARgD8lK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44b9f3b74425812ef25a7b3f46483bec_JaffaCakes118

Files

44b9f3b74425812ef25a7b3f46483bec_JaffaCakes118
.exe windows:0 windows x86 arch:x86

167ad6e03a8569c3132a5722d8e907a0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualFree
SystemTimeToFileTime
LocalFree
FileTimeToLocalFileTime
RemoveDirectoryW
GetPrivateProfileStringW
ReadFile
GetPriorityClass
ReleaseSemaphore
GetFileAttributesW
CreateSemaphoreW
GetCurrentThreadId
EnterCriticalSection
GetModuleFileNameW
PrepareTape
SetPriorityClass
InitializeCriticalSection
LocalAlloc
GetTapePosition
FindClose
GetVersionExW
GetFileSize
CloseHandle
WideCharToMultiByte
WaitForSingleObject
GetLocaleInfoW
VirtualAlloc

crtdll

strlen
_strset
strtod
_timezone_dll
_matherr
strtol
modf
_mbsninc
_spawnl
_CIatan2
_yn
_strerror
_fpieee_flt
wcstol
__iscsym
_wcsnicmp
_pwctype_dll
_setsystime
_mbctokata
_stat
_ismbclegal
_strnicmp
_cwait
_mbsnbicmp
_read
_seterrormode
wcsftime
_ftime
isalnum
_cpumode_dll
_winminor_dll
fputs
_wcsdup
_spawnve
iswgraph
localtime
strerror
perror
wcsncmp
_aexit_rtn_dll
time
_strrev
_execle
_mbscspn
iswalnum
strstr
_strcmpi
_strnset
_mbbtombc
_CIasin
_filelength
fgets
_sys_nerr_dll
_locking
_getw
sqrt
_flushall
_CIacos
_creat
_mbspbrk
_sys_errlist
sscanf
wprintf
_getche
_mbslen
getenv
_ctype
_write
_ismbbgraph
_wcslwr
_strdup
wcscat
_exit
_mbsbtype
_commit
_ftol
_strdate
getc
_control87
fputc
_snwprintf
sprintf
_vsnwprintf
tolower
_snprintf
_beep
atof
asctime
_chsize

pdh

PdhGetCounterInfoW
PdhGetRawCounterValue
PdhLookupPerfIndexByNameW
PdhSelectDataSourceW
PdhGetRawCounterArrayW
PdhGetDefaultPerfObjectHA
PdhTranslateLocaleCounterW
PdhVbAddCounter
PdhBindInputDataSourceA
PdhGetDefaultPerfObjectHW
PdhSelectDataSourceA
PdhExpandWildCardPathHA
PdhVbOpenLog
PdhGetDefaultPerfCounterA
PdhGetLogFileTypeA

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 239KB - Virtual size: 748KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

167ad6e03a8569c3132a5722d8e907a0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

crtdll

pdh

Sections

.text Size: 64KB - Virtual size: 64KB

.data Size: 19KB - Virtual size: 19KB

.rsrc Size: 239KB - Virtual size: 748KB

.text
Size: 64KB - Virtual size: 64KB

.data
Size: 19KB - Virtual size: 19KB

.rsrc
Size: 239KB - Virtual size: 748KB