edc060932eab71ee1990e79a30999b2f_JaffaCakes118

Resubmissions

11-04-2024 16:06

240411-tkk93sfb38 10

11-04-2024 15:30

240411-sxt73she8w 10

Sharing

Copy URL

Twitter E-mail

General

Target

edc060932eab71ee1990e79a30999b2f_JaffaCakes118
Size

670KB
MD5

edc060932eab71ee1990e79a30999b2f
SHA1

8ad274131ff11f58e894bf238d866b822150e511
SHA256

fc88fe29755c931864c4f068bb439637f259220ba0f6d54de0d1298b790181f6
SHA512

a3be88ae1adcb79c6f257520cfc909ed632894783821bd5bb6cccc48773a267fba41550fcb954f493543e105aed152d73e8c7dbb43e0df6e84b7086a8a69c673
SSDEEP

12288:/X/i67DCzMebmibKTGrZ3Jg+oMGIsuIdoEaRx5Cc7cY5AypgR7lMxVd:/X/zn/yNJZ+9IsuaoEwx5Cc7cY5Aypgm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
edc060932eab71ee1990e79a30999b2f_JaffaCakes118

Files

edc060932eab71ee1990e79a30999b2f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fbf6fe068e8d19266946ada342b837cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\repezewoyey.pdb

Imports

kernel32

CreateActCtxW
WriteConsoleInputA
GetConsoleAliasesW
SetCriticalSectionSpinCount
OpenEventA
HeapAlloc
GetUserDefaultLangID
VirtualAlloc
EnumDateFormatsA
GetOEMCP
CreateMutexW
WaitForSingleObject
GetModuleHandleW
LocalAlloc
SetMailslotInfo
GetFileAttributesExW
GetConsoleWindow
CancelTimerQueueTimer
CreateJobObjectA
GetTempPathA
GetProcessHeap
CompareStringW
HeapQueryInformation
InitializeSListHead
InterlockedIncrement
InterlockedDecrement
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
GetLastError
HeapReAlloc
GetCommandLineA
GetStartupInfoA
HeapFree
GetProcAddress
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapCreate
VirtualFree
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
GetCPInfo
GetACP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
InitializeCriticalSectionAndSpinCount
LoadLibraryA
LCMapStringA
LCMapStringW

advapi32

BackupEventLogA

winhttp

WinHttpQueryOption

Exports

Exports

@GetSecondVice@0

Sections

.text
Size: 384KB - Virtual size: 384KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 63.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

fbf6fe068e8d19266946ada342b837cd

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

winhttp

Exports

Exports

Sections

.text Size: 384KB - Virtual size: 384KB

.data Size: 71KB - Virtual size: 63.6MB

.rsrc Size: 80KB - Virtual size: 79KB

.text
Size: 384KB - Virtual size: 384KB

.data
Size: 71KB - Virtual size: 63.6MB

.rsrc
Size: 80KB - Virtual size: 79KB