f9e30311ce752acc9cfa206f9be901a6_JaffaCakes118

General

Target

f9e30311ce752acc9cfa206f9be901a6_JaffaCakes118
Size

408KB
MD5

f9e30311ce752acc9cfa206f9be901a6
SHA1

2f1d2ea9e3491da940096fe07f59c1aaa8968c54
SHA256

cd959bbb01e96cf1cd0a144ee31d6c390e1adf77c63a82a7345c16521a712e18
SHA512

d52619330b9f36edd414e3d905df2185d39c28a3ac2cf9afba6882145efe4404245ee77b5d384a870e814a13d8ac1996bbc9ceeb1316e1cc0a556570d3daf855
SSDEEP

6144:TdL8gISWcgI6gBvw215ogDN8vQoFeMMKad7yFG1hDRzTBQcQqxhC1vjVmtQDvPgu:TtXDN8oosMadLhV/BQcQEhC1EtQku

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9e30311ce752acc9cfa206f9be901a6_JaffaCakes118

Files

f9e30311ce752acc9cfa206f9be901a6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

64d8050dd4e7b0f15bf36828d08a700c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
MultiByteToWideChar
MapViewOfFile
CreateMailslotW
RtlUnwind
InterlockedExchange
CreateToolhelp32Snapshot
HeapFree
ExitProcess
GetProfileStringA
IsBadWritePtr
LeaveCriticalSection
GetStringTypeW
GetEnvironmentStrings
LCMapStringA
GetModuleHandleW
FreeEnvironmentStringsW
WriteFile
HeapDestroy
GetStartupInfoA
SetLastError
FreeEnvironmentStringsA
GetCurrentThread
GetModuleHandleA
GetVersion
GetStringTypeA
QueryPerformanceCounter
WriteConsoleOutputW
GetCommandLineA
VirtualQueryEx
LoadLibraryA
CreateFileW
DeleteCriticalSection
UnhandledExceptionFilter
SetComputerNameW
GetFileType
GetOEMCP
OpenEventA
GetCPInfo
GetCurrentThreadId
WideCharToMultiByte
VirtualFree
SetHandleCount
VirtualAlloc
GetCurrentProcess
TlsAlloc
Sleep
GetEnvironmentStringsW
TlsSetValue
CopyFileExA
GetConsoleTitleW
InitializeCriticalSection
VirtualQuery
EnterCriticalSection
GetProcAddress
TerminateProcess
GetCurrentProcessId
GetPrivateProfileStringA
LCMapStringW
CreateFileA
GetTickCount
OpenWaitableTimerW
GetLastError
GetStdHandle
HeapReAlloc
GetSystemTimeAsFileTime
TlsFree
GetModuleFileNameA
CreateSemaphoreW
TlsGetValue
HeapCreate
HeapAlloc

wininet

LoadUrlCacheContent
GopherFindFirstFileW
InternetConfirmZoneCrossingW
SetUrlCacheGroupAttributeA
FindNextUrlCacheEntryW

comdlg32

GetSaveFileNameA
FindTextW

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 281KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64d8050dd4e7b0f15bf36828d08a700c

Headers

File Characteristics

Imports

kernel32

wininet

comdlg32

Sections

.text Size: 110KB - Virtual size: 109KB

.rdata Size: 3KB - Virtual size: 31KB

.data Size: 281KB - Virtual size: 281KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 110KB - Virtual size: 109KB

.rdata
Size: 3KB - Virtual size: 31KB

.data
Size: 281KB - Virtual size: 281KB

.rsrc
Size: 12KB - Virtual size: 11KB