6469a181611e8eb52400db88b8336242_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6469a181611e8eb52400db88b8336242_JaffaCakes118
Size

481KB
MD5

6469a181611e8eb52400db88b8336242
SHA1

cb44b32e652f977320fe2a8fbbf60484aab7814a
SHA256

9b205c98d7581066f482e557ae2c12b91d08abc53b384f6b4a5774685eda69f6
SHA512

9c2ade65bad64af1cc4718d78937ad21f1d4e7aa3a865c4c853540557fcd82a1cca8d76f878272d47a553f8dc303aa125446ebc7c1043241113d2bce177bee93
SSDEEP

12288:Z4I3FF6PB8OVkkN/LpzUg6a5a39ZU9KMGNHfUhHO2vtfKAqD/pYNX:zf63Vl9uZZRB81K7GNX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6469a181611e8eb52400db88b8336242_JaffaCakes118

Files

6469a181611e8eb52400db88b8336242_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8ef6c7728ff449086970097af121511e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
GetTimeZoneInformation
HeapCreate
MultiByteToWideChar
GetProcAddress
HeapDestroy
HeapReAlloc
SetHandleCount
GetThreadTimes
GetModuleFileNameW
GetCurrentProcessId
SetUnhandledExceptionFilter
SetLocalTime
GetCPInfo
Sleep
UnhandledExceptionFilter
HeapSize
GetProcAddress
TlsAlloc
VirtualFree
GetDateFormatA
TlsGetValue
CompareStringA
GetStdHandle
InterlockedDecrement
CreateFileMappingA
GetLocaleInfoA
ExpandEnvironmentStringsA
ContinueDebugEvent
ExitProcess
GetTickCount
CopyFileA
SetLastError
HeapFree
EnumSystemLocalesA
GetModuleFileNameA
GetStartupInfoA
LoadLibraryA
QueryPerformanceCounter
EnterCriticalSection
VirtualAlloc
GetEnvironmentVariableW
WriteConsoleA
TlsSetValue
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
FreeEnvironmentStringsW
GetCommandLineW
GetFileType
LCMapStringA
TlsFree
GetUserDefaultLCID
CompareStringW
GetSystemTimeAsFileTime
FreeLibrary
GetVolumeInformationW
GetThreadLocale
GetACP
GetCurrentThread
SetConsoleCtrlHandler
LeaveCriticalSection
InterlockedIncrement
WriteFile
GetCompressedFileSizeW
GetEnvironmentStringsW
LCMapStringW
RemoveDirectoryA
GetTimeFormatA
SetEnvironmentVariableA
GetLastError
WritePrivateProfileStructW
InterlockedExchange
GetModuleHandleW
WideCharToMultiByte
DeleteCriticalSection
IsDebuggerPresent
CreateProcessW
OpenEventW
InitializeCriticalSectionAndSpinCount
GetStringTypeW
HeapAlloc
IsValidLocale
lstrcmpiW
SetConsoleCP
GetStringTypeA
VirtualQuery
GetModuleHandleA
IsValidCodePage
GetLocaleInfoW
GetStartupInfoW

wininet

CreateUrlCacheContainerW
InternetHangUp
InternetGoOnline
InternetQueryOptionW
FtpDeleteFileW
GetUrlCacheGroupAttributeA
InternetOpenA
DeleteIE3Cache
InternetOpenUrlW
FindFirstUrlCacheEntryW
FtpOpenFileW
InternetGoOnlineA
FtpOpenFileA
FtpGetFileSize
InternetQueryOptionA
CommitUrlCacheEntryA
FindFirstUrlCacheEntryExW
InternetGetCertByURL
InternetCombineUrlA
InternetSetDialStateA

Sections

.text
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ef6c7728ff449086970097af121511e

Headers

File Characteristics

Imports

kernel32

wininet

Sections

.text Size: 154KB - Virtual size: 153KB

.data Size: 313KB - Virtual size: 312KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 154KB - Virtual size: 153KB

.data
Size: 313KB - Virtual size: 312KB

.rsrc
Size: 13KB - Virtual size: 12KB