69c5bbc56957598a2cfd5078d55c39de_JaffaCakes118

General

Target

69c5bbc56957598a2cfd5078d55c39de_JaffaCakes118
Size

452KB
MD5

69c5bbc56957598a2cfd5078d55c39de
SHA1

578a12c47a30130ab1dd4b3100b288d23aaf4acd
SHA256

612b35bc3a67656bead96a2775bd1c3674e13c8bd8d5dedf1f4750f0d8a9c3d2
SHA512

5e8b6bf12556148771b362b377b0e0b81aa0ae487851164f5448b470da5ec9f62da52fc2e9f85e61bd5dbed0feeee46a0b8d0042661998d3b57113997deda5f2
SSDEEP

6144:MJyXKHwFXjSEJlochecopouPfa7Bo1rTRq78Us83pIPHaXh0W4/QqCU4IN5lMjD:fQEJxwcoHPfakXc78aqEOW4gU1UD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69c5bbc56957598a2cfd5078d55c39de_JaffaCakes118

Files

69c5bbc56957598a2cfd5078d55c39de_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3d51fd1a4a2c5afcaa2efdde135c4b7f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
VirtualAlloc
GlobalFree
GetModuleHandleA
CloseHandle
WaitForSingleObject
CreateThread
GetTickCount
VirtualFree
GlobalAlloc
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetLastError
RaiseException
SetUnhandledExceptionFilter
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
HeapDestroy
HeapCreate
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
HeapReAlloc
Sleep
HeapSize
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryA
InitializeCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
MultiByteToWideChar
GetLocaleInfoA
GetLocaleInfoW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA

Sections

.text
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 296KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d51fd1a4a2c5afcaa2efdde135c4b7f

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 120KB - Virtual size: 118KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 296KB - Virtual size: 294KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 120KB - Virtual size: 118KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 296KB - Virtual size: 294KB

.reloc
Size: 8KB - Virtual size: 5KB