ec070a38483d8ebc4da7bc023e2a5ca9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ec070a38483d8ebc4da7bc023e2a5ca9_JaffaCakes118
Size

197KB
MD5

ec070a38483d8ebc4da7bc023e2a5ca9
SHA1

c8c41423bcd25a0222a566cc9c8875412b42f1f3
SHA256

b4af1b26b4147037aff1e306f6bf221bcbcda09f2d0ea359753b042db9264d58
SHA512

523d5c139625d3ce3fabb387e2c8e4052547cd8e8f3b594d13bad137fd6c1bb56dd75105d751c5b9df1d6ec4c308632a8b6f169116a23685e5c8942d636a2ab0
SSDEEP

6144:UN+7sEZ+++eC5QM5KBIr7ILcQCgttfI28TOo:UN5rUgkLcQNbfiTO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec070a38483d8ebc4da7bc023e2a5ca9_JaffaCakes118

Files

ec070a38483d8ebc4da7bc023e2a5ca9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dc2972e7f3da9bc9dea1d9739e5aaa41

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

TerminateProcess
SetFileAttributesA
CreateFiberEx
LoadLibraryExA
lstrlenA
UnhandledExceptionFilter
GetFullPathNameA
lstrcmpiA
MoveFileW
UpdateResourceW
WriteFile
FindFirstFileA
GetCurrentDirectoryW
UnmapViewOfFile
SizeofResource
GetVersionExA
IsDebuggerPresent
GetCurrentProcessId
GetModuleHandleW
_lwrite
SetUnhandledExceptionFilter
RemoveDirectoryA
FreeLibrary
OutputDebugStringA
HeapReAlloc
GetTempFileNameW
EnumResourceNamesW
CreateFileMappingA
DeleteFileW
MultiByteToWideChar
LockResource
DeleteFileA
LeaveCriticalSection
RemoveDirectoryW
FindNextFileW
GetCommandLineW
GetFullPathNameW
CopyFileA
CreateFileW
ExitProcess
CopyFileW
_lclose
EscapeCommFunction
GetCurrentThreadId
FreeResource
CreateDirectoryW
GetVersion
WideCharToMultiByte
GetACP
GetTickCount
SetEndOfFile
InterlockedCompareExchange
EnterCriticalSection
InterlockedIncrement
GetFileAttributesW
InitializeCriticalSection
InterlockedDecrement
FindFirstFileW
InterlockedExchange
EnumResourceTypesW
FormatMessageW
LoadLibraryA
ReadFile
EnumResourceNamesA
FindNextFileA
CreateFileA
GetProcAddress
GetLastError
GetCurrentProcess
GetTempPathW
DeleteCriticalSection
GetFileAttributesA
FatalExit
_lread
GetProcessHeap
GetThreadLocale
CreateDirectoryA
GlobalFree
GlobalUnlock
FindResourceExW
RaiseException
EndUpdateResourceW
HeapAlloc
GetLocaleInfoA
LocalFree
CloseHandle
GetFileInformationByHandle
MapViewOfFile
GetFileSize
HeapFree
GlobalLock
GetVersionExW
SetLastError
SetFilePointer
GetStringTypeExW
AreFileApisANSI
GetSystemDirectoryA
_llseek
DebugBreak
FindClose
GetEnvironmentVariableA
Sleep
QueryPerformanceCounter
FindResourceW
EnumResourceLanguagesW
SetFileAttributesW
BeginUpdateResourceW
HeapDestroy
HeapSize
LoadResource
GlobalAlloc
GetOEMCP
LoadLibraryExW
lstrlenW
GetSystemTimeAsFileTime
lstrcpyA

msvfw32

ICInfo

shell32

CommandLineToArgvW

advapi32

CryptAcquireContextA
CryptCreateHash
CryptGetHashParam
CryptHashData
CryptReleaseContext
CryptDestroyHash

imagehlp

ImageGetDigestStream
ImageNtHeader
ImageRvaToVa
ImageDirectoryEntryToData

psapi

GetProcessMemoryInfo

user32

CharNextA
MonitorFromWindow
wsprintfW
CharNextW

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc2972e7f3da9bc9dea1d9739e5aaa41

Headers

File Characteristics

Imports

kernel32

msvfw32

shell32

advapi32

imagehlp

psapi

user32

Sections

.text Size: 172KB - Virtual size: 171KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 19KB - Virtual size: 19KB

.lib Size: 512B - Virtual size: 356KB

.text
Size: 172KB - Virtual size: 171KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 19KB - Virtual size: 19KB

.lib
Size: 512B - Virtual size: 356KB