456a2c39847ec999ab09ed90479e8f4e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

456a2c39847ec999ab09ed90479e8f4e_JaffaCakes118
Size

104KB
MD5

456a2c39847ec999ab09ed90479e8f4e
SHA1

70ba51657df4138a4eb4c3d4f3905769a532c2be
SHA256

e56f087b998b3f52618a8fb07ce0e53a24f37e376d955370d65a42f5544d129b
SHA512

22383eddf574d937db4cc3e38f335db12b7ad803a72d247dbef24040b1c2abf7cf71095a6637764d933e81a9db64b9a266d2f2e8e1e80986029ec8bac0cb64a2
SSDEEP

1536:L+wdrUyDIR6BzCp6ZHAScQDKk0d5kB5vxQ7dI:L+w1UAzCUZgScQz0dKD67dI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
456a2c39847ec999ab09ed90479e8f4e_JaffaCakes118

Files

456a2c39847ec999ab09ed90479e8f4e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7267e8cc08fd1b6f5ed6db570b263823

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5307
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord4698
ord5289
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord4160
ord5302
ord4079
ord2725
ord2396
ord5300
ord3346
ord3922
ord5199
ord1089
ord2554
ord5731
ord2512
ord4274
ord4486
ord6375
ord825
ord4673
ord823
ord858
ord5683
ord4129
ord2915
ord2818
ord540
ord2976
ord3830
ord800
ord860
ord6662
ord354
ord3663
ord2393
ord5450
ord5440
ord6383
ord537
ord3258
ord1265
ord2233
ord1799
ord2727
ord6467
ord2730
ord2729
ord3353
ord654
ord772
ord610
ord801
ord614
ord341
ord500
ord287
ord541
ord290
ord4003
ord538
ord5603
ord5606
ord5602
ord5608
ord5858
ord5860
ord6883
ord5857
ord5861
ord939
ord6140
ord6142
ord6139
ord6143
ord3981
ord3986
ord6781
ord3979
ord4226
ord446
ord743
ord3127
ord3616
ord5651
ord3126
ord3613
ord350
ord3579
ord5572
ord535
ord6394
ord1168
ord1576

msvcrt

strlen
sprintf
memcpy
memmove
??1type_info@@UAE@XZ
_mbscmp
_setmbcp
_adjust_fdiv
_XcptFilter
_exit
__setusermatherr
_initterm
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
memset
exit
__getmainargs
_acmdln
__CxxFrameHandler
_onexit
__dllonexit

kernel32

DeleteFileA
GetTempPathA
CreateDirectoryA
CreateProcessA
CloseHandle
GetLastError
GetStartupInfoA
GetModuleHandleA
GetModuleFileNameA
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
GetTempFileNameA

user32

MessageBoxA

ole32

StgOpenStorage
StgCreateDocfile
CoTaskMemAlloc
CoCreateGuid
CoTaskMemFree

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.uuu9
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7267e8cc08fd1b6f5ed6db570b263823

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

ole32

Sections

.text Size: 44KB - Virtual size: 42KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 28KB - Virtual size: 26KB

.uuu9 Size: 8KB - Virtual size: 6KB

.text
Size: 44KB - Virtual size: 42KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 28KB - Virtual size: 26KB

.uuu9
Size: 8KB - Virtual size: 6KB