0629e90972f673ac0e422eccea71b794_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0629e90972f673ac0e422eccea71b794_JaffaCakes118
Size

505KB
MD5

0629e90972f673ac0e422eccea71b794
SHA1

3df4217c3fb70114f5844a2e72cd2e018e8eb13c
SHA256

a405b785ad749017fe23325c53e6bc4d1705a414f994317dc1e94641661fa8eb
SHA512

e22818d83f46fa44d39bcc50dc90fd6c8b56194b52d3e3a5cba6244f49849a8996323a3b47ccbb81d13ac99c5d4a51549a900e2ab73fd0c5c961d0e4ff00af0b
SSDEEP

12288:AdZl5jLMlXybTG/lTOsvGxqgl1/+sNSIUSdL:AdXHbKNTO58gll+sNSIt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0629e90972f673ac0e422eccea71b794_JaffaCakes118

Files

0629e90972f673ac0e422eccea71b794_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d00db69cbde1e44cc44529a43ec5f848

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidCodePage
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentThread
VirtualQuery
GetModuleHandleA
GetStringTypeW
EnterCriticalSection
HeapDestroy
HeapCreate
MultiByteToWideChar
CloseHandle
GetFileType
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetCurrentProcess
SetEnvironmentVariableA
InterlockedIncrement
GetDateFormatA
HeapSize
LocalShrink
CreateFileA
WriteFile
InterlockedExchange
ReadFile
SetLastError
VirtualAlloc
RtlUnwind
WriteConsoleA
QueryPerformanceCounter
HeapFree
GetOEMCP
CreateMutexA
TlsSetValue
GetCPInfo
IsDebuggerPresent
GetTickCount
UnhandledExceptionFilter
GetShortPathNameW
LCMapStringA
SetStdHandle
GetModuleHandleW
TlsFree
GetTimeZoneInformation
GetCurrentThreadId
CompareStringA
InterlockedDecrement
WriteConsoleOutputAttribute
ExitProcess
SetHandleCount
GetLocaleInfoW
CompareStringW
GetLocaleInfoA
TerminateProcess
WideCharToMultiByte
GlobalAlloc
WriteConsoleW
GetStdHandle
lstrcpynW
TlsAlloc
GetConsoleMode
HeapAlloc
TlsGetValue
WriteProfileSectionA
DeleteFileA
HeapReAlloc
EnumSystemLocalesA
Sleep
FreeLibrary
VirtualFree
GetCurrentProcessId
GetACP
GetStartupInfoA
GetConsoleOutputCP
GetProcAddress
LeaveCriticalSection
GetUserDefaultLCID
GetConsoleCP
SetFilePointer
IsValidLocale
SetEndOfFile
GetEnvironmentStringsW
LCMapStringW
GetStringTypeA
SetUnhandledExceptionFilter
GetLastError
FlushFileBuffers
GetSystemTimeAsFileTime
OpenMutexA
GetCommandLineA
GetTimeFormatA
GetModuleFileNameA
GetEnvironmentStrings
FreeEnvironmentStringsW
SetConsoleCtrlHandler
CreateFileMappingA

user32

LoadCursorW
RegisterClassA
DefMDIChildProcW
RegisterClassExA

comctl32

InitCommonControlsEx

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d00db69cbde1e44cc44529a43ec5f848

Headers

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 172KB - Virtual size: 171KB

.rdata Size: 9KB - Virtual size: 24KB

.data Size: 313KB - Virtual size: 313KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 172KB - Virtual size: 171KB

.rdata
Size: 9KB - Virtual size: 24KB

.data
Size: 313KB - Virtual size: 313KB

.rsrc
Size: 9KB - Virtual size: 9KB