67124a6a0e24869ff4f830992de957a9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

67124a6a0e24869ff4f830992de957a9_JaffaCakes118
Size

583KB
MD5

67124a6a0e24869ff4f830992de957a9
SHA1

2471074840675d30d2d1cd5896dcf7f7c655b83b
SHA256

b2d5f2a26caf42721be20aeabfde852ab136efd355278c805dfaab44ba578395
SHA512

4fd537ba0d7849d7cbe34c050b4bea9e6063ea4feaab0e17d334a918a15e8101c2128853ec1db8c523c6e176d236051fdbb6270e3f185a97a2d4c93a2463ca42
SSDEEP

12288:9FWPfcoJ1ILHRweEzljk22mMGHDTmr/TiDCjr9QcsY0/VQ:9MUoJSHRwdIrmMGHO2DCjr6csYKV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67124a6a0e24869ff4f830992de957a9_JaffaCakes118

Files

67124a6a0e24869ff4f830992de957a9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f56fa9be2ee21bbed3d7a19c067138d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

MultiByteToWideChar
SetFilePointer
UnhandledExceptionFilter
GetCompressedFileSizeW
TlsFree
QueryPerformanceCounter
FreeEnvironmentStringsW
GetDateFormatA
GetCalendarInfoA
ExitProcess
WriteConsoleW
WideCharToMultiByte
LocalReAlloc
DeleteCriticalSection
GetStringTypeW
GetUserDefaultLCID
MapViewOfFile
HeapReAlloc
SetComputerNameW
GetConsoleMode
SetFileAttributesA
GetVolumeInformationA
VirtualFree
InitializeCriticalSection
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetCommandLineA
GetCurrentThread
GetConsoleCP
GetStringTypeA
GetStartupInfoW
GetLastError
SetConsoleCtrlHandler
CompareStringA
lstrcatA
HeapFree
IsValidCodePage
GetVersionExA
TlsAlloc
InterlockedIncrement
FreeLibrary
TerminateProcess
GetCurrencyFormatW
SetEnvironmentVariableA
FlushFileBuffers
SetLastError
EnterCriticalSection
HeapCreate
OpenMutexA
GetOEMCP
SetConsoleOutputCP
GetACP
GetModuleFileNameA
TlsSetValue
GetModuleFileNameW
CreateFileA
SetHandleCount
SetStdHandle
GetConsoleOutputCP
FreeEnvironmentStringsA
GetTimeFormatW
GetProcessHeap
IsDebuggerPresent
GlobalLock
LoadLibraryW
Sleep
IsValidLocale
HeapSize
WriteConsoleA
GetEnvironmentStringsW
CloseHandle
GetLocaleInfoA
FindFirstFileA
RtlUnwind
GetDriveTypeW
GetCurrentThreadId
InterlockedDecrement
VirtualQuery
LCMapStringW
GetSystemTimeAsFileTime
GetTimeFormatA
GetCPInfo
SetEnvironmentVariableW
GetTickCount
GetStartupInfoA
CreateMutexA
HeapDestroy
GetLocaleInfoW
ReadFile
InterlockedExchange
GetModuleHandleA
LoadLibraryA
CompareStringW
TlsGetValue
EnumSystemLocalesA
HeapAlloc
VirtualAlloc
GetEnvironmentStrings
WriteFile
SetVolumeLabelA
GetProcAddress
GetCommandLineW
GetCurrentProcessId
GetCurrentProcess
EnumSystemLocalesW
GetFileType
GetStdHandle
LeaveCriticalSection
LCMapStringA

user32

SetCaretPos
CharLowerA
EnumPropsA
RegisterClassA
RegisterClassExA
InsertMenuItemW

Sections

.text
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 318KB - Virtual size: 318KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f56fa9be2ee21bbed3d7a19c067138d7

Headers

File Characteristics

Imports

comctl32

kernel32

user32

Sections

.text Size: 244KB - Virtual size: 244KB

.rdata Size: 9KB - Virtual size: 40KB

.data Size: 318KB - Virtual size: 318KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 244KB - Virtual size: 244KB

.rdata
Size: 9KB - Virtual size: 40KB

.data
Size: 318KB - Virtual size: 318KB

.rsrc
Size: 10KB - Virtual size: 9KB