662b1e30d7b6cb112109e29ab48d702e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

662b1e30d7b6cb112109e29ab48d702e_JaffaCakes118
Size

423KB
MD5

662b1e30d7b6cb112109e29ab48d702e
SHA1

bee7a69bafe8ff685bd6de6ccd5d23338c982c0a
SHA256

da5269e092179ac69b8a3978de2b0035a209ea635e7f2f5642f3f62756b4eedf
SHA512

ffcd722fc0fe7ec774967eb34498ef03357dd3dd2f911e0aa95a2d121787d5c77e84cabce566277e933780932e4e0121db5991b952f6c2677f2f2adb9815e422
SSDEEP

12288:5hIhlh2283k7tu+9MamUR0kNRltfqE23ZaCZB:5h6aUKadfQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
662b1e30d7b6cb112109e29ab48d702e_JaffaCakes118

Files

662b1e30d7b6cb112109e29ab48d702e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d4aced09f7d6708044af7f0f56ec231a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoW
GetEnvironmentStringsW
VirtualFree
GetCurrentThread
RtlUnwind
IsValidLocale
GetCommandLineW
GetCurrentProcess
HeapDestroy
VirtualAlloc
WriteFile
TlsSetValue
HeapReAlloc
GetTimeZoneInformation
DeleteCriticalSection
GetTimeFormatA
GetModuleFileNameW
WideCharToMultiByte
GetModuleFileNameA
GetStartupInfoA
IsValidCodePage
ExitProcess
GetStringTypeA
IsBadWritePtr
LeaveCriticalSection
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
HeapSize
GetLocaleInfoW
SetHandleCount
QueryPerformanceCounter
CompareStringW
TlsAlloc
GetACP
VirtualQuery
GetCurrentThreadId
GetLocaleInfoA
HeapAlloc
GetVersionExA
HeapFree
TlsGetValue
TerminateProcess
GetCurrentProcessId
GetCommandLineA
LCMapStringA
InitializeCriticalSection
ConnectNamedPipe
SetEnvironmentVariableA
GetLastError
GetStringTypeW
LCMapStringW
GetOEMCP
TlsFree
VirtualProtect
EnumSystemLocalesA
GetDateFormatA
GetModuleHandleA
EnterCriticalSection
GetStdHandle
GetCPInfo
CompareStringA
HeapCreate
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetFileType
MultiByteToWideChar
GetProcAddress
GetSystemInfo
GetUserDefaultLCID
GetEnvironmentStrings
UnhandledExceptionFilter
InterlockedExchange
SetLastError

shell32

SheGetDirA
SHUpdateRecycleBinIcon
InternalExtractIconListW
SHBrowseForFolderA
CheckEscapesW
SHInvokePrinterCommandA
DragQueryFileAorW
ExtractAssociatedIconExW
SHGetSpecialFolderPathA
SHEmptyRecycleBinW
ShellHookProc
SHInvokePrinterCommandW
DragAcceptFiles

advapi32

RegEnumKeyExW
CryptSetHashParam
CryptGetDefaultProviderW
RegLoadKeyW
RegReplaceKeyW
CryptAcquireContextW
CryptReleaseContext
CryptVerifySignatureA
RegOpenKeyExW
RegQueryValueA
RegDeleteKeyA
CryptSetProviderW
CryptEnumProviderTypesA

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4aced09f7d6708044af7f0f56ec231a

Headers

File Characteristics

Imports

kernel32

shell32

advapi32

Sections

.text Size: 140KB - Virtual size: 139KB

.data Size: 276KB - Virtual size: 281KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 140KB - Virtual size: 139KB

.data
Size: 276KB - Virtual size: 281KB

.rsrc
Size: 6KB - Virtual size: 5KB