66c24061d6d7bd9564bc7d5e308e03a3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

66c24061d6d7bd9564bc7d5e308e03a3_JaffaCakes118
Size

364KB
MD5

66c24061d6d7bd9564bc7d5e308e03a3
SHA1

ca9479000083caab2bbc8158dee108f0dbd714a4
SHA256

c36ac97cbe1ef867088b71181247d513053a3611b78f6586d6c1878af8e2f0ef
SHA512

f9e856e72318e150b7b203392aa04282817476b21846a802f6306da7a53263c5ff3d736491695932306ea0a8ab37d5342fe4fa0ed11d9578d6d64884e4cb73ca
SSDEEP

6144:3WXg/U1cyuevuOPvgDL6XJ2ptTUDw1fgJtdDuwsgcVpyoYUejqrOxoLmd0+n:y0UDn3QL6XJ2ptTUDw1oLdpcVpVYUR/U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66c24061d6d7bd9564bc7d5e308e03a3_JaffaCakes118

Files

66c24061d6d7bd9564bc7d5e308e03a3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f66b22046796b0f1e6db8964499b8c43

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateIconFromResourceEx
CreateDesktopW
GetListBoxInfo
TranslateAcceleratorW
RegisterClassA
GetMenuState
EnumDisplaySettingsA
CreateWindowExW
SetCursorPos
RemovePropW
SetDlgItemTextA
DlgDirSelectComboBoxExW
DdeInitializeW
EndPaint
RegisterClassExA
SetSystemCursor
NotifyWinEvent
DefFrameProcA
DdeDisconnectList
VkKeyScanW
CharUpperBuffW

comctl32

InitCommonControlsEx

kernel32

GetLocalTime
InterlockedDecrement
HeapFree
GetFileType
SetEnvironmentVariableA
GetCurrentProcessId
LoadResource
GetLastError
GetCurrentProcess
FindResourceA
GetSystemTimeAsFileTime
VirtualQuery
InterlockedExchange
InitializeCriticalSection
FreeEnvironmentStringsA
InterlockedIncrement
SetHandleCount
SetConsoleCtrlHandler
lstrcat
GetVersion
GetModuleFileNameA
WritePrivateProfileSectionW
SetFilePointer
WriteConsoleA
RtlUnwind
ReadFile
GetCurrentThreadId
GetStringTypeExW
GetStringTypeW
HeapCreate
GetTickCount
WriteFile
OpenEventW
GetStartupInfoW
HeapAlloc
FreeEnvironmentStringsW
UnhandledExceptionFilter
VirtualAlloc
GlobalFlags
TlsFree
LoadLibraryA
GetTimeZoneInformation
GetNamedPipeInfo
GetCommandLineA
TerminateProcess
CreateWaitableTimerW
ReleaseMutex
GetPrivateProfileStructW
TlsSetValue
ReadConsoleOutputW
SetStdHandle
GetModuleFileNameW
OpenMutexA
LeaveCriticalSection
WideCharToMultiByte
SetLastError
ExitProcess
LCMapStringA
WriteConsoleOutputCharacterA
GetCommandLineW
DeleteCriticalSection
GetSystemTime
TlsAlloc
HeapReAlloc
LCMapStringW
GetStdHandle
GetEnvironmentStrings
GetModuleHandleA
MultiByteToWideChar
HeapDestroy
FlushFileBuffers
FileTimeToSystemTime
TlsGetValue
IsBadWritePtr
GetCurrentThread
EnterCriticalSection
CompareStringA
CloseHandle
GetStringTypeA
GetProcAddress
CompareStringW
QueryPerformanceCounter
InterlockedCompareExchange
VirtualUnlock
GetCPInfo
CreateMutexA
GetStartupInfoA
GetEnvironmentStringsW
VirtualFree

Sections

.text
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f66b22046796b0f1e6db8964499b8c43

Headers

File Characteristics

Imports

user32

comctl32

kernel32

Sections

.text Size: 174KB - Virtual size: 174KB

.rdata Size: 4KB - Virtual size: 31KB

.data Size: 174KB - Virtual size: 173KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 174KB - Virtual size: 174KB

.rdata
Size: 4KB - Virtual size: 31KB

.data
Size: 174KB - Virtual size: 173KB

.rsrc
Size: 10KB - Virtual size: 9KB