610df4087209ad25a2bda28b96701338_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

610df4087209ad25a2bda28b96701338_JaffaCakes118
Size

665KB
MD5

610df4087209ad25a2bda28b96701338
SHA1

e25bf95bd8957af665468d99664bc8573e447a43
SHA256

40cbdd70854c6d183e3d45669a9dfebd2d8a4b8f84e4553c9f9d6ef08ca57269
SHA512

f9dcbe90730ee3c7c195a8d9e1d1d79e6ac099ea5e9bb919f5fea0322a18120bf23950f78947c772227e3b52caa597b607542a664676aa903cf708f8e5b40b99
SSDEEP

12288:Evv5h/rkHj1ma9W8kdw9KcQU2WoWnOW23XD+gV4gzdM1CPH9sfy0/q:qhzAv9ff0UNXW3Pz+IPH9m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
610df4087209ad25a2bda28b96701338_JaffaCakes118

Files

610df4087209ad25a2bda28b96701338_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b57cc24699127dc5b2fe4479a9c97772

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\cep\gmyxof.PDB

Imports

kernel32

LeaveCriticalSection
LoadLibraryA
SetLastError
GetModuleHandleA
CreateFileA
GetFileType
IsValidLocale
GetStdHandle
HeapReAlloc
HeapAlloc
HeapCreate
IsDebuggerPresent
GetCommandLineA
GetCurrentThreadId
GetCurrentProcessId
GetLocaleInfoW
TlsGetValue
ReleaseMutex
DeleteCriticalSection
RaiseException
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetEnvironmentStringsW
FreeEnvironmentStringsA
RtlUnwind
SetHandleCount
GetTickCount
GetEnvironmentStrings
GetStringTypeW
OutputDebugStringA
GetLastError
LCMapStringA
InterlockedDecrement
IsValidCodePage
GetModuleHandleW
InterlockedIncrement
LoadLibraryExW
VirtualAlloc
GetTimeFormatA
ReadFile
WriteFileEx
GetDateFormatA
VirtualFree
SetFilePointer
QueryPerformanceCounter
GetCurrentProcess
CompareStringA
GetStartupInfoA
GetCurrentThread
GetPrivateProfileIntA
FreeLibrary
TerminateProcess
HeapValidate
GetConsoleOutputCP
Sleep
DebugBreak
WriteConsoleA
OpenMutexA
IsBadReadPtr
UnhandledExceptionFilter
TlsFree
SetUnhandledExceptionFilter
VirtualQuery
WriteFile
SetConsoleCtrlHandler
LCMapStringW
HeapDestroy
CloseHandle
WritePrivateProfileStructA
LoadLibraryW
lstrlenA
GetModuleFileNameW
CompareStringW
GlobalFindAtomW
GetLocaleInfoA
GetACP
InterlockedExchange
SetConsoleTitleA
VirtualLock
InterlockedExchangeAdd
GetCPInfo
GetProcAddress
GetUserDefaultLCID
HeapSize
GetTimeZoneInformation
OutputDebugStringW
ExitProcess
MultiByteToWideChar
GetConsoleMode
SetEnvironmentVariableA
TlsSetValue
GetStringTypeA
GetProcessHeap
MoveFileExA
GetAtomNameW
EnumSystemLocalesA
GetSystemTimeAsFileTime
CreateMutexA
FindResourceA
EnterCriticalSection
TlsAlloc
SetStdHandle
GetModuleFileNameA
WideCharToMultiByte
FreeEnvironmentStringsW
GetOEMCP
FlushFileBuffers
HeapFree
WriteConsoleW

comctl32

InitCommonControlsEx
DrawStatusTextW
CreateUpDownControl
ImageList_SetBkColor
ImageList_DrawEx
ImageList_LoadImageW
ImageList_SetDragCursorImage

user32

DestroyWindow
ShowWindow
CreateWindowExW
OpenDesktopA
MessageBoxA
RegisterClassA
RegisterClassExA
LoadImageA
DefWindowProcA

Sections

.text
Size: 457KB - Virtual size: 456KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 87KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b57cc24699127dc5b2fe4479a9c97772

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

user32

Sections

.text Size: 457KB - Virtual size: 456KB

.rdata Size: 87KB - Virtual size: 94KB

.data Size: 105KB - Virtual size: 105KB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 457KB - Virtual size: 456KB

.rdata
Size: 87KB - Virtual size: 94KB

.data
Size: 105KB - Virtual size: 105KB

.rsrc
Size: 15KB - Virtual size: 14KB