267ab0cc34570aecb321b5cf3927d18a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

267ab0cc34570aecb321b5cf3927d18a_JaffaCakes118
Size

323KB
MD5

267ab0cc34570aecb321b5cf3927d18a
SHA1

b23ad347f1c32ae1f3f54a097ae04c28703560c7
SHA256

6e6cbf43d420cfcbda34c132cafd09dd54952f1db633c895ea42962d13946fb3
SHA512

74f720740a6df0b3fb3027d84e0924a9fb4c2a63351cd658342a9a09a6add6ff6c40f5f6aad7ee7620ba1d8b00122fa10bc98cbee15d1acde8968c5d0eeb3c02
SSDEEP

6144:c9DaHpOWs0L4qQ1ZE6f75EmPGwuDibkX1LfgW/Q5iAolXlDYb:ctaHpO8VQZEqJGpD6gjbQ5ZolX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
267ab0cc34570aecb321b5cf3927d18a_JaffaCakes118

Files

267ab0cc34570aecb321b5cf3927d18a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b05b23bf61f765a1077b3875d08358e8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\luvee\acc\evt

Imports

kernel32

GetCurrentThread
SetEnvironmentVariableA
GetCurrentThreadId
WriteConsoleW
QueryPerformanceCounter
IsValidLocale
LCMapStringW
HeapAlloc
GetTimeZoneInformation
GetStartupInfoA
TlsGetValue
GetACP
LCMapStringA
CompareStringW
SetStdHandle
SetFilePointer
HeapCreate
GetLastError
GetCommandLineW
GetTimeFormatA
DeleteCriticalSection
LeaveCriticalSection
GetLocaleInfoA
InterlockedDecrement
WriteConsoleA
RtlUnwind
ExitProcess
GetFileType
InterlockedIncrement
EnumSystemLocalesA
Sleep
GetModuleHandleW
IsDebuggerPresent
WideCharToMultiByte
VirtualAlloc
HeapFree
GetStringTypeW
CloseHandle
VirtualFree
GetModuleFileNameW
GetStringTypeA
GetModuleHandleA
GetProcAddress
FreeLibrary
GetSystemTimeAsFileTime
SetLastError
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
GetLocaleInfoW
SetUnhandledExceptionFilter
HeapDestroy
EnterCriticalSection
CompareStringA
GetCurrentProcessId
IsValidCodePage
GetStartupInfoW
InterlockedExchange
GetEnvironmentStringsW
SetHandleCount
CreateFileA
WriteFile
UnhandledExceptionFilter
MultiByteToWideChar
GetTickCount
GetConsoleMode
FlushFileBuffers
GetStdHandle
GetConsoleOutputCP
LoadLibraryA
GetModuleFileNameA
SetConsoleCtrlHandler
GetUserDefaultLCID
GetOEMCP
GetCPInfo
TlsSetValue
FreeEnvironmentStringsW
lstrcpyA
GetCommandLineA
OpenMutexA
GetDateFormatA
HeapSize
HeapReAlloc
TerminateProcess
ReadFile
TlsAlloc
TlsFree
VirtualQuery
GetConsoleCP
CreateMutexA

gdi32

DrawEscape
PtVisible
SetDeviceGammaRamp
SetStretchBltMode
EnumFontsA
CreateEllipticRgn
FillRgn
GetGraphicsMode
CreateRectRgnIndirect
CombineRgn

comctl32

InitCommonControlsEx

user32

RegisterClassA
GetUserObjectInformationW
IsWindowEnabled
MessageBoxExW
VkKeyScanA
MoveWindow
CopyAcceleratorTableW
DefMDIChildProcA
OemToCharW
RegisterDeviceNotificationA
MenuItemFromPoint
DefWindowProcA
LoadKeyboardLayoutA
EnumWindows
SetWinEventHook
RegisterClassExA
SetCursor
ArrangeIconicWindows
DrawCaption
RegisterClassW

Sections

.text
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b05b23bf61f765a1077b3875d08358e8

Headers

File Characteristics

PDB Paths

Imports

kernel32

gdi32

comctl32

user32

Sections

.text Size: 200KB - Virtual size: 200KB

.rdata Size: 24KB - Virtual size: 54KB

.data Size: 90KB - Virtual size: 90KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 200KB - Virtual size: 200KB

.rdata
Size: 24KB - Virtual size: 54KB

.data
Size: 90KB - Virtual size: 90KB

.rsrc
Size: 6KB - Virtual size: 6KB