0fef67ff06425a68ae7992c023cc8b57_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0fef67ff06425a68ae7992c023cc8b57_JaffaCakes118
Size

462KB
MD5

0fef67ff06425a68ae7992c023cc8b57
SHA1

f3a09ea13d7923ba15e97b0828189b120b2f4441
SHA256

a0cd71ce08d15c9b58db784600a5fe5909360e303c44253987f88d83212eec08
SHA512

ec35fd47ea8c0aa95ca508a6c6c6338053a5f7e5517461cf6f3edc4966afdb4e58fd5fcc05bb15833b76a2b3e21eee9325505fbb89411470ee5df87ac1f8054c
SSDEEP

12288:xMttgMJdeZqDHMcNwk4JijT3Hbu4R0d2rI3:xKtgIIZiHD7Zj7bZR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fef67ff06425a68ae7992c023cc8b57_JaffaCakes118

Files

0fef67ff06425a68ae7992c023cc8b57_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c8dedd27b7820126ffb56e96bfcd09b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetVersionExA
HeapSize
SetEnvironmentVariableA
GetProcAddress
InitializeCriticalSection
HeapReAlloc
SetLastError
ExpandEnvironmentStringsA
GetOEMCP
GetCurrentProcessId
TlsAlloc
EnterCriticalSection
GetCommandLineA
TlsFree
WideCharToMultiByte
InterlockedDecrement
EnumSystemCodePagesA
TlsGetValue
WriteFile
GetEnvironmentStrings
UnhandledExceptionFilter
CompareStringA
GetStringTypeW
IsDebuggerPresent
SetLocalTime
GetLocaleInfoA
GlobalGetAtomNameW
HeapCreate
ExitProcess
GetTickCount
SetThreadLocale
Sleep
HeapFree
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
LoadLibraryA
QueryPerformanceCounter
EnumSystemLocalesA
VirtualAlloc
GetConsoleMode
GetACP
VirtualFree
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
FreeEnvironmentStringsW
GetCurrentThread
GetFileType
LeaveCriticalSection
TlsSetValue
HeapDestroy
CompareStringW
GetSystemTimeAsFileTime
FreeLibrary
SetUnhandledExceptionFilter
lstrcmpA
GetCPInfo
GetDateFormatA
GetComputerNameW
SetConsoleCtrlHandler
IsValidCodePage
GetStringTypeA
FindAtomA
GetEnvironmentStringsW
MultiByteToWideChar
CommConfigDialogA
GetUserDefaultLCID
SetHandleCount
GetLastError
OpenMutexA
InterlockedExchange
GetProcessHeap
GetLocaleInfoW
DeleteCriticalSection
IsValidLocale
GetSystemDefaultLangID
FileTimeToLocalFileTime
InterlockedIncrement
GetTimeZoneInformation
HeapAlloc
LCMapStringW
FlushInstructionCache
GetThreadSelectorEntry
GetTimeFormatA
VirtualQuery
GetModuleHandleA
LCMapStringA

wininet

RetrieveUrlCacheEntryFileW
FindFirstUrlCacheEntryExA
ShowX509EncodedCertificate
GopherCreateLocatorW
CreateUrlCacheGroup
InternetDial
InternetFindNextFileA
InternetTimeToSystemTime
InternetCombineUrlW
RetrieveUrlCacheEntryStreamA
InternetTimeToSystemTimeW
InternetGetCertByURL
IsHostInProxyBypassList
InternetHangUp

Sections

.text
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 279KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c8dedd27b7820126ffb56e96bfcd09b7

Headers

File Characteristics

Imports

kernel32

wininet

Sections

.text Size: 167KB - Virtual size: 167KB

.data Size: 279KB - Virtual size: 278KB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 167KB - Virtual size: 167KB

.data
Size: 279KB - Virtual size: 278KB

.rsrc
Size: 15KB - Virtual size: 14KB