6257c6c34678804ffdc3b873725d3dcc_JaffaCakes118

General

Target

6257c6c34678804ffdc3b873725d3dcc_JaffaCakes118
Size

204KB
MD5

6257c6c34678804ffdc3b873725d3dcc
SHA1

0423f45e51ded2f1e875a7d8ad2ac782a260e310
SHA256

6022a43426532395db76abb917b3bed4e8c42bf5bd194ae9020aa6ea47a19002
SHA512

31ddc190b7f1794e70bfbeea85a8aa80a105fb2408db3ab53c98518682207bf3688ffe15b53a57db7ea59b517934ec39a6f5a1c606fb265caa588d775c3ed9d7
SSDEEP

96:kegzVvuR0/VvuR04gTWs9KAK6IjbGH9A/E0nT8v1h:k5pvuR0NvuR04gTD9zIjyH9A/EO8vr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6257c6c34678804ffdc3b873725d3dcc_JaffaCakes118

Files

6257c6c34678804ffdc3b873725d3dcc_JaffaCakes118
.exe windows:0 windows x86 arch:x86

27c701b512d34f3650bf987bdec0de44

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddConsoleAliasW
BackupSeek
BaseCleanupAppcompatCache
BaseCleanupAppcompatCacheSupport
BaseFlushAppcompatCache
BaseUpdateAppcompatCache
BuildCommDCBA
BuildCommDCBW
CommConfigDialogW
CompareFileTime
CompareStringW
ConsoleMenuControl
CreateFiber
CreateFileA
CreateJobObjectA
CreateMailslotA
CreateProcessW
CreateRemoteThread
CreateSemaphoreA
DebugBreak
DefineDosDeviceA
DeleteFileA
DeleteTimerQueueEx
DisableThreadLibraryCalls
DisconnectNamedPipe
DuplicateHandle
EnumSystemCodePagesW
EnumTimeFormatsA
FatalExit
FileTimeToLocalFileTime
FileTimeToSystemTime
FindActCtxSectionStringA
FindAtomA
FindNextChangeNotification
FindNextVolumeA
FindResourceExA
GetCPInfo
GetCalendarInfoW
GetCommConfig
GetCommTimeouts
GetCommandLineW
GetConsoleAliasExesLengthA
GetConsoleCharType
GetConsoleCursorInfo
GetConsoleFontInfo
GetConsoleFontSize
GetConsoleScreenBufferInfo
GetCurrentDirectoryA
GetDiskFreeSpaceExW
GetEnvironmentStrings
GetEnvironmentVariableW
GetFileTime
GetFirmwareEnvironmentVariableA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetNamedPipeHandleStateW
GetNlsSectionName
GetNumaAvailableMemory
GetPrivateProfileSectionA
GetPrivateProfileStringW
GetProcAddress
GetProcessHeap
GetProcessWorkingSetSize
GetSystemDirectoryW
GetSystemPowerStatus
GetSystemWow64DirectoryA
GetTempPathW
GetThreadIOPendingFlag
GetVDMCurrentDirectories
GetWindowsDirectoryA
GetWriteWatch
GlobalDeleteAtom
GlobalGetAtomNameA
GlobalUnWire
HeapCreateTagsW
HeapExtend
HeapValidate
InitializeSListHead
InterlockedExchange
IsValidLocale
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadModule
LocalLock
Module32NextW
MoveFileA
NlsResetProcessLocale
OpenConsoleW
OpenJobObjectA
OpenMutexW
OpenSemaphoreA
OpenSemaphoreW
OutputDebugStringW
PrivMoveFileIdentityW
Process32First
PulseEvent
QueryInformationJobObject
ReadConsoleInputA
ReadConsoleInputExW
ReadConsoleOutputA
ReadConsoleW
ReadFileScatter
RegisterConsoleIME
ReplaceFileA
ResetEvent
ResumeThread
ScrollConsoleScreenBufferA
SearchPathA
SetComputerNameExW
SetComputerNameW
SetConsoleCP
SetConsoleKeyShortcuts
SetConsoleMaximumWindowSize
SetCurrentDirectoryA
SetDefaultCommConfigW
SetDllDirectoryA
SetEnvironmentVariableW
SetErrorMode
SetFirmwareEnvironmentVariableW
SetLastConsoleEventActive
SetNamedPipeHandleState
SetPriorityClass
SetThreadAffinityMask
ShowConsoleCursor
SwitchToThread
TransmitCommChar
TrimVirtualBuffer
UnlockFile
VDMConsoleOperation
VerifyVersionInfoA
VirtualFreeEx
VirtualQuery
WaitForDebugEvent
WaitForMultipleObjectsEx
WriteConsoleInputVDMA
WriteConsoleOutputA
WritePrivateProfileSectionW
WritePrivateProfileStructA
WriteProfileStringA
_lopen

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27c701b512d34f3650bf987bdec0de44

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 132KB - Virtual size: 131KB

.text
Size: 132KB - Virtual size: 131KB