306c9fd868244953be534c77196fb7a5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

306c9fd868244953be534c77196fb7a5_JaffaCakes118
Size

457KB
MD5

306c9fd868244953be534c77196fb7a5
SHA1

a8895b06969188a891f98658ab5a94cb425cb49b
SHA256

00050417d3432954d73aaaf083f9c99fe9337159525697e8a4da28ff0a759a2a
SHA512

2bf838994c55965856d6d61b79dd80b0651fcc19c15b8782441577f16e289d548f74556fcfb9eced02b7eacb785c67638db26cb19d799c50e2189d42d8cba0fc
SSDEEP

12288:MLulQ85c5378dw+O7fllcIY4IAy/9AF9Frbk7:gulQg4rbrlSiWFc9Fc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
306c9fd868244953be534c77196fb7a5_JaffaCakes118

Files

306c9fd868244953be534c77196fb7a5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

25eae19526822c20cfd14dca7e71a67a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
GetStringTypeW
GetUserDefaultLCID
LCMapStringW
GetProcAddress
GetVersionExA
HeapReAlloc
MultiByteToWideChar
CommConfigDialogA
GetFileType
GetCurrentProcessId
SetEnvironmentVariableA
GetFileTime
FreeEnvironmentStringsW
SetHandleCount
TlsGetValue
HeapCreate
GetShortPathNameW
SetLastError
TlsSetValue
GetCPInfo
Sleep
TlsFree
GetProcessHeap
HeapSize
GetThreadLocale
GetEnvironmentStrings
GetTimeFormatA
RtlMoveMemory
ExitProcess
GetTickCount
GlobalFlags
SetConsoleCtrlHandler
HeapFree
DeleteCriticalSection
GetModuleFileNameA
GetLocaleInfoW
LoadLibraryA
QueryPerformanceCounter
CompareStringW
VirtualAlloc
CreateMutexW
WriteFile
TlsAlloc
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
EnterCriticalSection
FreeLibrary
GetCurrentThread
IsValidCodePage
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetFileSize
GetSystemTimeAsFileTime
EnumSystemLocalesA
WriteConsoleInputW
GetThreadPriority
FreeEnvironmentStringsA
GetACP
FindNextFileA
LCMapStringA
InitializeCriticalSection
WideCharToMultiByte
GetVolumeInformationA
GetCommandLineA
IsValidLocale
ReadConsoleOutputCharacterA
GetStringTypeA
LeaveCriticalSection
GetDateFormatA
FileTimeToLocalFileTime
InterlockedExchange
GetLastError
UnhandledExceptionFilter
CompareStringA
InterlockedDecrement
SetCurrentDirectoryA
GetStartupInfoW
HeapDestroy
GetStdHandle
HeapAlloc
IsDebuggerPresent
WaitNamedPipeW
VirtualFree
GetStartupInfoA
VirtualQuery
GetModuleHandleA
InterlockedIncrement
GetEnvironmentStringsW
GetOEMCP

gdi32

SetGraphicsMode
CreateRoundRectRgn
GetTextExtentPointW
RealizePalette
SetROP2
CreateScalableFontResourceW
GdiGetBatchLimit
CreateEllipticRgn
GetTextExtentPoint32A
FrameRgn
SetStretchBltMode
Pie
PolyTextOutW
GetBkColor
SetMapperFlags
GetKerningPairsA
StretchBlt
GetMetaRgn
CreateDCW
PaintRgn
GetTextMetricsW
MoveToEx
ExtSelectClipRgn

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25eae19526822c20cfd14dca7e71a67a

Headers

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 176KB - Virtual size: 175KB

.data Size: 276KB - Virtual size: 275KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 176KB - Virtual size: 175KB

.data
Size: 276KB - Virtual size: 275KB

.rsrc
Size: 4KB - Virtual size: 3KB