5443e35620be1d715e5d21d24965302d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5443e35620be1d715e5d21d24965302d_JaffaCakes118
Size

192KB
MD5

5443e35620be1d715e5d21d24965302d
SHA1

d90697d611233d3e981c80ebb977b5571469d4c8
SHA256

7992c139c376eaf5b46327519789cc796ebefb625d843e964fbf69199e761573
SHA512

e9254e2fc8a62d42535df59bd9c2a7aad8f321816929e2ba03016aa0bf15cd26914f6bd86bd5f910fdb8c1c0c12c27cd28e028331e8c1ba1f16c5ffa14c42038
SSDEEP

3072:ix3curZjnCzsUNswxY8yP+0PYig9kmMv4H729V0LN7kY2L7MvbNczKrolV7n8Gt1:ix3pF0f+8yPxgigW4696LxaIktn8GPxy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5443e35620be1d715e5d21d24965302d_JaffaCakes118

Files

5443e35620be1d715e5d21d24965302d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7901e360e93fa1c00dd911494644049c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ReadFile
CreateFiberEx
lstrlenA
DeleteFileA
GetFileSize
GetFullPathNameW
SetLastError
HeapReAlloc
MultiByteToWideChar
GetACP
RemoveDirectoryA
HeapFree
InterlockedIncrement
GetFileAttributesA
GetCurrentDirectoryW
LoadResource
GetTempPathW
CopyFileW
LeaveCriticalSection
HeapAlloc
GetFileAttributesW
GetSystemDirectoryA
GlobalUnlock
_llseek
FindFirstFileA
SetFileAttributesW
FreeLibrary
LoadLibraryExW
EndUpdateResourceW
EnumResourceTypesW
DeleteCriticalSection
GlobalFree
GetProcAddress
FindNextFileW
GlobalAlloc
MoveFileW
GetModuleHandleW
EscapeCommFunction
InterlockedExchange
IsDebuggerPresent
EnterCriticalSection
FindFirstFileW
MapViewOfFile
WideCharToMultiByte
SizeofResource
FindClose
EnumResourceNamesA
GetTickCount
UpdateResourceW
GetCurrentProcessId
DeleteFileW
RemoveDirectoryW
CreateFileW
LocalFree
_lclose
CloseHandle
EnumResourceLanguagesW
CreateFileA
DebugBreak
FindResourceW
OutputDebugStringA
GetCommandLineW
InterlockedDecrement
GetSystemTimeAsFileTime
lstrcmpiA
CreateDirectoryA
FormatMessageW
FindNextFileA
InitializeCriticalSection
GlobalLock
AreFileApisANSI
WriteFile
GetVersionExA
FatalExit
_lwrite
lstrlenW
GetStringTypeExW
FindResourceExW
FreeResource
GetCurrentProcess
CreateFileMappingA
CopyFileA
GetLocaleInfoA
RaiseException
SetFileAttributesA
ExitProcess
TerminateProcess
GetOEMCP
GetCurrentThreadId
InterlockedCompareExchange
CreateDirectoryW
UnmapViewOfFile
LockResource
GetLastError
LoadLibraryExA
BeginUpdateResourceW
GetFullPathNameA
GetVersionExW
SetUnhandledExceptionFilter
GetEnvironmentVariableA
GetTempFileNameW
HeapDestroy
SetFilePointer
Sleep
QueryPerformanceCounter
HeapSize
UnhandledExceptionFilter
GetProcessHeap
LoadLibraryA
EnumResourceNamesW
GetThreadLocale
_lread
GetFileInformationByHandle
SetEndOfFile
GetVersion
lstrcpyA

shell32

CommandLineToArgvW

advapi32

CryptGetHashParam
CryptCreateHash
CryptHashData
CryptReleaseContext
CryptAcquireContextA
CryptDestroyHash

msvfw32

ICInfo

imagehlp

ImageGetDigestStream
ImageNtHeader
ImageRvaToVa
ImageDirectoryEntryToData

user32

CharNextA
MonitorFromWindow
wsprintfW
CharNextW

psapi

GetProcessMemoryInfo

Sections

.text
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7901e360e93fa1c00dd911494644049c

Headers

File Characteristics

Imports

kernel32

shell32

advapi32

msvfw32

imagehlp

user32

psapi

Sections

.text Size: 163KB - Virtual size: 163KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 23KB - Virtual size: 22KB

.lib Size: 512B - Virtual size: 224KB

.text
Size: 163KB - Virtual size: 163KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 23KB - Virtual size: 22KB

.lib
Size: 512B - Virtual size: 224KB