60b55d8d1b0ec64474f80745d7de88bb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

60b55d8d1b0ec64474f80745d7de88bb_JaffaCakes118
Size

172KB
MD5

60b55d8d1b0ec64474f80745d7de88bb
SHA1

23557367c7a96267ee94ca5ab6d01ca7eff65f88
SHA256

f12dfac9e4d872e521fbdf3c5b240d51b8a972e82ec94f7e674d415f8c2038f6
SHA512

9fa3cfa6c899d2171d7e877fc65bcc94e5515231efad4dfd9aded0f00f74661c4a2eb72a4af49310433146421e40f954c768eb72777005c93390fdd0c131a6bf
SSDEEP

3072:kJkN7r4f0mPQ/QZPSmCzSoI6wJiY0eI1roNPx:kyN7r4fdZK46wJW31AZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60b55d8d1b0ec64474f80745d7de88bb_JaffaCakes118

Files

60b55d8d1b0ec64474f80745d7de88bb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ee240c5d2aba255c8fca5791203cd95c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
GetProcAddress
LoadLibraryA
Sleep
WriteFile
DeleteFileA
CloseHandle
CreateFileA
ReadFile
GetFileSize
FreeLibrary
GetModuleHandleA
CreatePipe
CreateProcessA
lstrcmpiA
GetVersionExA
GetLastError
FindClose
FindNextFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
TerminateProcess
OutputDebugStringA
lstrlenA
PeekNamedPipe
SetFilePointer
CopyFileA
GetEnvironmentVariableA
GetCurrentProcess
Process32Next
Module32First
Process32First
CreateToolhelp32Snapshot
OpenProcess
LocalFree
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
LCMapStringW
LCMapStringA
SetStdHandle
GetOEMCP
GetACP
lstrcmpA
CreateThread
GetModuleFileNameA
MultiByteToWideChar
SetFileAttributesA
FindFirstFileA
GetSystemDirectoryA
WaitForSingleObject
GetCPInfo
IsBadCodePtr
IsBadReadPtr
HeapFree
RtlUnwind
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
RaiseException

user32

RegisterClassA
CreateWindowExA
LoadIconA
UpdateWindow
GetMessageA
DispatchMessageA
TranslateMessage
wsprintfA
DefWindowProcA
PostQuitMessage
ShowWindow

advapi32

GetUserNameA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

ole32

CoInitialize
CoCreateInstance

oleaut32

GetErrorInfo

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee240c5d2aba255c8fca5791203cd95c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 56KB - Virtual size: 54KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 100KB - Virtual size: 97KB

.text
Size: 56KB - Virtual size: 54KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 100KB - Virtual size: 97KB