06dd824a421d95b5c85766b51580b40d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

06dd824a421d95b5c85766b51580b40d_JaffaCakes118
Size

547KB
MD5

06dd824a421d95b5c85766b51580b40d
SHA1

96757ffa9840d37c3a47b68ebcd907e42df769d1
SHA256

df788dd96b11d9aae9dad01a8783a1a3ed792f88f28239956aac3628ed524ba8
SHA512

02f47992b76681cbec4e0fa7834356fbb641092575d2a683aa7706f46e17d4278abc36ff97c674b44d25ebe0edbbcdbb7ec560ec8e0f228c0fb415a32353ce39
SSDEEP

12288:4aFrAwDZdwLwa4PHFoSLiyViddKrXpeq/YBJVtpHORU:pFrAwDpBP5LiyWKZVgBJzpHO2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06dd824a421d95b5c85766b51580b40d_JaffaCakes118

Files

06dd824a421d95b5c85766b51580b40d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f8fc5d5b431bf02c512f91d8bba4158e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharUpperA
RegisterClassA
TranslateAccelerator
RegisterClassExA

kernel32

CompareStringA
CompareStringW
FoldStringW
FreeEnvironmentStringsA
GetLocaleInfoA
GetFileType
LockFile
GetDateFormatA
GetCPInfo
ReadFile
EnumSystemLocalesA
VirtualFree
GetCurrentProcessId
SystemTimeToTzSpecificLocalTime
QueryPerformanceCounter
GetVersionExA
GetModuleHandleA
GetDiskFreeSpaceA
WriteFile
GlobalFindAtomA
CloseHandle
InitializeCriticalSection
SetHandleCount
OpenMutexA
GetPrivateProfileStringA
VirtualAlloc
LeaveCriticalSection
TlsFree
HeapFree
SetThreadAffinityMask
GetProcAddress
GetUserDefaultLCID
IsValidCodePage
GetTickCount
HeapDestroy
TlsAlloc
TerminateProcess
GetSystemInfo
GetLastError
GetTimeFormatA
FlushFileBuffers
CreateMailslotW
GetTimeZoneInformation
GetCurrentProcess
IsValidLocale
CreateProcessW
EnterCriticalSection
IsBadWritePtr
TlsSetValue
VirtualQuery
LCMapStringW
GetEnvironmentStringsW
GetStringTypeW
GetOEMCP
SetEnvironmentVariableA
GetCommandLineA
LoadLibraryA
UnhandledExceptionFilter
GetCurrentThreadId
DeleteCriticalSection
ExitProcess
LCMapStringA
VirtualProtect
HeapCreate
WideCharToMultiByte
RtlUnwind
HeapReAlloc
CreateMutexA
FileTimeToSystemTime
HeapSize
GetStartupInfoA
GetStringTypeA
GetModuleFileNameA
GetAtomNameW
SetFilePointer
GetEnvironmentStrings
GetLocaleInfoW
InterlockedExchange
GetStdHandle
SetStdHandle
GetSystemTimeAsFileTime
MultiByteToWideChar
TlsGetValue
GetCurrentThread
GetACP
SetLastError
HeapAlloc
FreeEnvironmentStringsW

comctl32

InitCommonControlsEx

Sections

.text
Size: 387KB - Virtual size: 387KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f8fc5d5b431bf02c512f91d8bba4158e

Headers

File Characteristics

Imports

user32

kernel32

comctl32

Sections

.text Size: 387KB - Virtual size: 387KB

.rdata Size: 34KB - Virtual size: 40KB

.data Size: 107KB - Virtual size: 106KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 387KB - Virtual size: 387KB

.rdata
Size: 34KB - Virtual size: 40KB

.data
Size: 107KB - Virtual size: 106KB

.rsrc
Size: 17KB - Virtual size: 16KB