56d1693676d475e44c161bcd0675e13f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

56d1693676d475e44c161bcd0675e13f_JaffaCakes118
Size

127KB
MD5

56d1693676d475e44c161bcd0675e13f
SHA1

4b4527f2d6e291a60c6891ab4bfae499631f2773
SHA256

392388fff98b5c53e1371adfed13ff1b978dcb0d164c6db107e515e3216c700d
SHA512

3de5c2c5b47abe38120d18a99aab44965d401c691a83035fd10df7593ade360fa82c09f175adddb571f59e15e1a17139af7ad2b7a5a3f3d08751062b6ef5e348
SSDEEP

3072:N/CDRNqNco5D45BdtLiOCkZs0k6Xi08lS25ZBL:UNqNVDaBdtDCB0DXif

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56d1693676d475e44c161bcd0675e13f_JaffaCakes118

Files

56d1693676d475e44c161bcd0675e13f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ea0ee1e0216ca814be31a9bb20d69f35

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ReadFile
DefineDosDeviceA
ContinueDebugEvent
GetCommandLineA
OpenEventA
GlobalFindAtomA
GetProcAddress
OpenFileMappingA
SetErrorMode
GetSystemDefaultLangID
AddAtomA
GetACP
GetStdHandle
LocalLock
LoadLibraryExA
WritePrivateProfileStructA
MoveFileA
GetLogicalDrives
LockFile
GetVolumeInformationA
FindClose
ClearCommBreak
GetCPInfo
VirtualLock
GetSystemDefaultLCID
GetFileAttributesA
SetFilePointer
CreateDirectoryExA
GetSystemDefaultUILanguage
WriteFile
CancelWaitableTimer
GetProcessHeaps
GlobalFlags
FlushConsoleInputBuffer
VirtualAllocEx
GetFullPathNameA
GetUserDefaultLCID
CreateWaitableTimerA
VirtualQuery
WriteProcessMemory
DeviceIoControl
GetCommMask
RemoveDirectoryA
GetPrivateProfileSectionNamesA
DuplicateHandle
IsProcessorFeaturePresent
GlobalWire
GetExitCodeProcess
SizeofResource
GetCommConfig
UnmapViewOfFile
GlobalCompact
FoldStringA
VirtualFree
GetLastError
GetThreadTimes
FlushFileBuffers
GetFileSize
GetThreadPriorityBoost
GetCurrentThreadId
GlobalHandle
GetThreadSelectorEntry
GlobalFree
CopyFileA
GetPrivateProfileSectionA
MulDiv
PeekConsoleInputA
GetDiskFreeSpaceExA
CancelIo
ConnectNamedPipe
CloseHandle
GetUserDefaultUILanguage
PurgeComm
GetDiskFreeSpaceA
GetLongPathNameA
GetBinaryTypeA
GetThreadLocale
GetProfileStringA
GetConsoleCP
HeapReAlloc
GetLogicalDriveStringsA
MoveFileExA
UpdateResourceA
GlobalSize
FreeResource
GetOEMCP
CreateRemoteThread
Beep
LocalReAlloc
GlobalAddAtomA
VirtualQueryEx
VirtualUnlock
MapViewOfFileEx
GetFileTime
MultiByteToWideChar
LocalShrink
FindNextChangeNotification
AllocConsole
GetFileType
GetPriorityClass
SetEvent
VirtualAlloc
WaitNamedPipeA
ClearCommError
IsBadCodePtr
CommConfigDialogA
GlobalFix
GetProcessTimes
GetHandleInformation
DisconnectNamedPipe
GetShortPathNameA
GlobalUnWire
EndUpdateResourceA
GetWindowsDirectoryA
GetThreadPriority
QueueUserAPC
CreateSemaphoreA
IsBadWritePtr
GetProfileSectionA
GetTickCount
FreeConsole
IsSystemResumeAutomatic
IsBadHugeWritePtr
GetEnvironmentStrings
GetUserDefaultLangID
GlobalUnfix
GlobalUnlock
GetNamedPipeInfo
HeapCreate
GetProcessVersion
OpenSemaphoreA
IsDebuggerPresent
GetModuleFileNameA
WaitForMultipleObjectsEx
FormatMessageA
GetTempPathA
AreFileApisANSI
GetVersion
OutputDebugStringA
SignalObjectAndWait
GetModuleHandleA
CreateFiber
FlushViewOfFile
OpenMutexA
OpenProcess
LocalUnlock
Sleep
CreateIoCompletionPort
GetCPInfoExA
DosDateTimeToFileTime
CallNamedPipeA
GetProfileIntA
ResetEvent
DeleteAtom
IsBadReadPtr
LocalHandle
GetStartupInfoA

msvcrt

time
rand
__set_app_type
_controlfp
exit
strstr

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ea0ee1e0216ca814be31a9bb20d69f35

Headers

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 16KB - Virtual size: 15KB

.data Size: 110KB - Virtual size: 110KB

.text
Size: 16KB - Virtual size: 15KB

.data
Size: 110KB - Virtual size: 110KB