69b557391d8c856d12d9d0502e7d16ec_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

69b557391d8c856d12d9d0502e7d16ec_JaffaCakes118
Size

497KB
MD5

69b557391d8c856d12d9d0502e7d16ec
SHA1

0bf074c809b3660b33cbacc64a750da4e9493be6
SHA256

ad03798843e03ca4c51feecc646d95caca8d8ed74a36d9a96423bc16890e5b44
SHA512

a080be08ee39e882e4d16f92a91c891b047e58727ab2b56d5b863570ab3acb34531ad93012aad5cebe2bf574dd53b20a114a21bf7db6c75ef4608781575f9436
SSDEEP

12288:FK96lyxlJjY2aHM0OQCbZ8NAnNlBOsRoJyyxRq:QJURM0dC98NANlBOsR+//q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69b557391d8c856d12d9d0502e7d16ec_JaffaCakes118

Files

69b557391d8c856d12d9d0502e7d16ec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

88a690561fd0ff0194522c23d6b10476

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

SetEnvironmentVariableA
GetStartupInfoA
FreeEnvironmentStringsA
TlsAlloc
WideCharToMultiByte
CloseHandle
AllocConsole
HeapReAlloc
IsValidLocale
SetFilePointer
HeapAlloc
AddAtomW
LCMapStringA
CompareStringW
GetCommandLineA
GetLocaleInfoW
GetConsoleMode
GetOEMCP
CompareFileTime
GetModuleHandleA
GetTickCount
TlsFree
WriteConsoleA
RemoveDirectoryW
LoadLibraryA
GetUserDefaultLCID
GetCurrentProcessId
GetFileType
LoadLibraryW
SetLastError
SetConsoleCtrlHandler
IsDebuggerPresent
GetDateFormatA
VirtualAlloc
GetLocaleInfoA
ExitProcess
GetCurrentThreadId
GetConsoleOutputCP
TerminateProcess
OpenMutexA
InitializeCriticalSection
InterlockedDecrement
TlsSetValue
WriteProfileSectionA
GetProcessHeap
HeapDestroy
GetPrivateProfileStringA
SystemTimeToTzSpecificLocalTime
lstrcmpi
GetConsoleCP
EnterCriticalSection
InterlockedExchange
CompareStringA
GetEnvironmentStrings
GetStringTypeW
TlsGetValue
GetStringTypeA
GetCurrentThread
GetVersionExA
GetVersionExW
ReadFile
UnhandledExceptionFilter
CreateFileA
FlushFileBuffers
SetConsoleCursorInfo
FreeEnvironmentStringsW
WriteConsoleW
MultiByteToWideChar
GetAtomNameW
HeapSize
GetCurrentProcess
RtlUnwind
GetLastError
GetSystemTimeAsFileTime
FreeLibrary
IsValidCodePage
GetCPInfo
GetProcAddress
GetTimeZoneInformation
WriteFile
EnumTimeFormatsW
VirtualFree
LeaveCriticalSection
Sleep
HeapCreate
VirtualQuery
HeapFree
QueryPerformanceCounter
LocalHandle
EnumSystemLocalesA
SetUnhandledExceptionFilter
GetTimeFormatA
GetStdHandle
DeleteCriticalSection
GetPriorityClass
GetEnvironmentStringsW
GetModuleFileNameA
SetHandleCount
SetStdHandle
CreateMutexA
GetACP
InterlockedIncrement
LCMapStringW

user32

UnregisterClassW
RegisterClipboardFormatW
GetDialogBaseUnits
EqualRect
ShowWindow
LoadMenuA
GetScrollBarInfo
ShowScrollBar
RegisterClassA
DragDetect
GetClassWord
MessageBoxA
WinHelpA
DispatchMessageW
GetKeyState
LoadCursorFromFileA
SetMenuItemBitmaps
LoadMenuW
GetWindowPlacement
GetQueueStatus
LoadBitmapW
ScrollWindow
GetGuiResources
CreateWindowExA
CreateDesktopW
SetCursor
DrawIconEx
TranslateMessage
RegisterClassExA

Sections

.text
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88a690561fd0ff0194522c23d6b10476

Headers

File Characteristics

Imports

comctl32

kernel32

user32

Sections

.text Size: 315KB - Virtual size: 315KB

.rdata Size: 48KB - Virtual size: 67KB

.data Size: 105KB - Virtual size: 105KB

.rsrc Size: 27KB - Virtual size: 27KB

.text
Size: 315KB - Virtual size: 315KB

.rdata
Size: 48KB - Virtual size: 67KB

.data
Size: 105KB - Virtual size: 105KB

.rsrc
Size: 27KB - Virtual size: 27KB