9c207a7e2f920f01ce916cea472ca842_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9c207a7e2f920f01ce916cea472ca842_JaffaCakes118
Size

1.2MB
MD5

9c207a7e2f920f01ce916cea472ca842
SHA1

74ab56a3997606933795f6377c2f86df99d51810
SHA256

6e37c39bade829d7c9578c69cc58fa41a8d66d08519e6b67519da69bb7a66b93
SHA512

5632e0fede1f1afb8c7a67f3ce6b056ed87b91296920afa1825e7acf05a804c6222ef30b221fc08db6c8be1cc1a4d03d687ec399680858b2a3cda171cfdb78f6
SSDEEP

24576:yJykiQ9I9cEGX1MVxaKIePgBn/SOFWcatf3Bi4zoGKxp6/:yJQQ9Onr9ID/SEatfUZGmp6/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9c207a7e2f920f01ce916cea472ca842_JaffaCakes118

Files

9c207a7e2f920f01ce916cea472ca842_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d2504ed8dc1e812cc1c3bdd52781c752

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Skill\After\What\Letter\fig\Hurry\forwardAlways.pdb

Imports

kernel32

IsBadReadPtr
GlobalFree
GlobalAlloc
QueryPerformanceFrequency
GlobalLock
QueryPerformanceCounter
CreateFileW
GetWindowsDirectoryW
GetSystemTime
OpenProcess
GetVersionExW
GetDateFormatW
FindResourceW
LoadResource
GetModuleHandleW
InitializeCriticalSection
EnterCriticalSection
RemoveDirectoryW
TlsGetValue
TlsAlloc
GetProcAddress
Sleep
CloseHandle
GetEnvironmentVariableW
GetTempPathW
CreateSemaphoreW
CreateFileA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LeaveCriticalSection
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetLastError
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapDestroy
HeapCreate
VirtualFree
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
WideCharToMultiByte
RtlUnwind
LoadLibraryA
VirtualAlloc
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
HeapSize

ole32

OleCreate
CoInitialize
StgCreateDocfile
CoUninitialize
CoSuspendClassObjects
OleUninitialize
OleInitialize

Sections

.text
Size: 248KB - Virtual size: 245KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 916KB - Virtual size: 915KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2504ed8dc1e812cc1c3bdd52781c752

Headers

File Characteristics

PDB Paths

Imports

kernel32

ole32

Sections

.text Size: 248KB - Virtual size: 245KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 8KB - Virtual size: 37KB

.rsrc Size: 916KB - Virtual size: 915KB

.text
Size: 248KB - Virtual size: 245KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 8KB - Virtual size: 37KB

.rsrc
Size: 916KB - Virtual size: 915KB