69cfcbcf01aee663787adbb80668410c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

69cfcbcf01aee663787adbb80668410c_JaffaCakes118
Size

418KB
MD5

69cfcbcf01aee663787adbb80668410c
SHA1

b6cc8540682e3377a5898b101f5baf82292bd6f5
SHA256

8261ebc56481c2fa62be0ef41d684e33a830c39b9b0be0f5a3c763e1b64b10c9
SHA512

5ac9422370e9e0ff29331d4574f09567556392af82cb30299d0e719ecdeaa259eb3f7c4803ac989ef1cb3a0661d128e696a1afeb68c31337031b53570e3abae1
SSDEEP

6144:tDhbTGYhy7RHScVmSwnqnbkeGiNOQRo0splJ6Gp/9K0qlbgf7zheANb1a12NH:tDVGYGP4Sbb5G9XpVK0qifBHNb1a1m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69cfcbcf01aee663787adbb80668410c_JaffaCakes118

Files

69cfcbcf01aee663787adbb80668410c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4197d4b3cc1e87062ca91813061f72fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
GetLocaleInfoW
SetLocaleInfoA
GetProfileStringW
GetDateFormatA
GetThreadContext
HeapAlloc
LoadLibraryA
TlsAlloc
IsValidCodePage
TlsSetValue
GetEnvironmentStringsA
GetThreadLocale
lstrcatA
SetEnvironmentVariableA
SetHandleCount
LoadLibraryExW
GetFileType
GetLastError
IsBadWritePtr
LeaveCriticalSection
EnterCriticalSection
GetLocaleInfoA
EnumSystemLocalesA
DuplicateHandle
GetStdHandle
TlsGetValue
GetEnvironmentStringsW
GetProcAddress
DeleteCriticalSection
GetEnvironmentStrings
WriteFile
VirtualFree
CompareStringW
GetFileTime
GetStringTypeA
VirtualQuery
InitializeCriticalSection
VirtualProtect
LCMapStringA
GetDiskFreeSpaceW
GetTimeFormatA
TlsFree
GetCurrentThread
HeapReAlloc
HeapSize
ExitProcess
SetLastError
EnumCalendarInfoExW
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
GetVersionExA
GetModuleHandleA
GetACP
GetTimeZoneInformation
GetUserDefaultLCID
GetCurrentThreadId
LCMapStringW
UnhandledExceptionFilter
CompareStringA
GetCPInfo
GetCurrentProcessId
GetModuleFileNameA
HeapCreate
VirtualFreeEx
OpenWaitableTimerA
GetTickCount
GetStartupInfoA
WritePrivateProfileStringA
FreeEnvironmentStringsW
MultiByteToWideChar
IsValidLocale
RtlUnwind
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
InterlockedExchange
HeapDestroy
MoveFileW
SleepEx
GetCommandLineA
GetSystemInfo
GetOEMCP
GetStringTypeW
HeapFree

gdi32

PtVisible
SetLayout
ColorCorrectPalette
GetLogColorSpaceW
SetICMProfileW
DeviceCapabilitiesExW
GetCharWidthA
CreateBitmap
GetTextFaceA
GetTextCharsetInfo
EnumObjects
GetSystemPaletteEntries
GetTextExtentExPointW
ScaleWindowExtEx

wininet

DeleteUrlCacheEntry
RetrieveUrlCacheEntryStreamW
InternetReadFileExW
UnlockUrlCacheEntryStream

user32

EnumDisplaySettingsA
GetUserObjectInformationA
OemKeyScan
ActivateKeyboardLayout
GetClipboardFormatNameW
RegisterWindowMessageA

Sections

.text
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4197d4b3cc1e87062ca91813061f72fb

Headers

File Characteristics

Imports

kernel32

gdi32

wininet

user32

Sections

.text Size: 140KB - Virtual size: 140KB

.data Size: 272KB - Virtual size: 272KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 140KB - Virtual size: 140KB

.data
Size: 272KB - Virtual size: 272KB

.rsrc
Size: 4KB - Virtual size: 4KB