24da89119f7879289049a4a54f083f60_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

24da89119f7879289049a4a54f083f60_JaffaCakes118
Size

312KB
MD5

24da89119f7879289049a4a54f083f60
SHA1

b8ceb84537195018ecc5a667e7f5634764ac8b3b
SHA256

25802e3a54a116808149d647db5f66d3bbbee8705b2ce0233a93cc71cde143bc
SHA512

c34675e647f1b2f5bfa875595d4743ee92c146b1f1e76f2d49bf04f227d5bce06a9db8c47122264f14edc868b96aa9349178b876f9d2c5491524233af4fd80a2
SSDEEP

6144:14ddvb8+cRVScehjpmanXJ18HgWgDNuLoH4WubVR6:143vQ9aManXJmH/gxuLoYz6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24da89119f7879289049a4a54f083f60_JaffaCakes118

Files

24da89119f7879289049a4a54f083f60_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5e6c9db2ece7f3898f4f77645052bf3c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\JFEMY\OMHUSQGZE\

Imports

kernel32

GetOEMCP
GetTickCount
HeapAlloc
GetCurrentProcessId
VirtualAlloc
GetLocaleInfoA
UnhandledExceptionFilter
GetNamedPipeInfo
GetStdHandle
SetFilePointer
GetCurrentProcess
SetPriorityClass
ReadFile
HeapFree
GetStringTypeA
QueryPerformanceCounter
TlsGetValue
InterlockedExchange
GetLocaleInfoW
GetTimeFormatA
FlushFileBuffers
GetFileType
InitializeCriticalSection
GetSystemInfo
SetHandleCount
SetStdHandle
GetExitCodeThread
FlushInstructionCache
GetVersionExA
lstrcatW
GetModuleFileNameA
GetUserDefaultLCID
CompareStringA
ExitProcess
TlsSetValue
GetStringTypeW
TlsFree
IsValidCodePage
GetCommandLineA
GetCurrentThread
OpenMutexA
GetTimeZoneInformation
SetConsoleMode
WriteFile
GetEnvironmentStringsW
VirtualProtect
FreeEnvironmentStringsA
IsValidLocale
TlsAlloc
IsBadWritePtr
GetLastError
CreateMutexA
LCMapStringW
GetCurrentThreadId
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
GetDateFormatA
HeapSize
EnterCriticalSection
FreeEnvironmentStringsW
SetLastError
VirtualQuery
CloseHandle
DosDateTimeToFileTime
GetProcAddress
EnumSystemLocalesA
GetEnvironmentStrings
GetStringTypeExA
GetSystemTimeAsFileTime
GetACP
LocalAlloc
VirtualQueryEx
LCMapStringA
WriteProfileSectionW
GetCPInfo
RtlUnwind
CreateMailslotA
FoldStringW
VirtualFree
GetModuleHandleA
GetStartupInfoA
HeapCreate
SetEnvironmentVariableA
HeapReAlloc
GetTempFileNameW
TerminateProcess
CompareStringW
lstrcpyA
WideCharToMultiByte
LoadLibraryA
LockResource
HeapDestroy

comctl32

DrawInsert
CreateToolbar
ImageList_AddIcon
ImageList_DragShowNolock
InitCommonControlsEx
ImageList_SetImageCount

user32

CharToOemBuffA
RegisterClassA
DefWindowProcA
MessageBoxW
RegisterClassExA
CallMsgFilterW
DestroyWindow
CreateWindowExA
ShowWindow

Sections

.text
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 79KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e6c9db2ece7f3898f4f77645052bf3c

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

user32

Sections

.text Size: 129KB - Virtual size: 128KB

.rdata Size: 79KB - Virtual size: 95KB

.data Size: 94KB - Virtual size: 93KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 129KB - Virtual size: 128KB

.rdata
Size: 79KB - Virtual size: 95KB

.data
Size: 94KB - Virtual size: 93KB

.rsrc
Size: 9KB - Virtual size: 8KB