69f40755e9c0d0c18b9ae742588d6ccf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

69f40755e9c0d0c18b9ae742588d6ccf_JaffaCakes118
Size

371KB
MD5

69f40755e9c0d0c18b9ae742588d6ccf
SHA1

16552ed4c2cbb154e98232f0de2606fcbbbdfbd0
SHA256

8caa86fc008f771c4d5d501b4ba78ee4122a3518285b0c1e9b1341fae6adea3a
SHA512

ebf5ee0ecff31aaf39a542bebbb54cd5df2feca30388631c3c192ced68c26a2e77ad3bf2ce078fe2007765775876f703f42623e616245e7066e2bebfeb95c429
SSDEEP

6144:hPAZxLbyB7fp5krQFtyLLRSa+bgiJBnOJvH131G3JbRAiFj:90yB7frkszILEa+bggg/131G35RAQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69f40755e9c0d0c18b9ae742588d6ccf_JaffaCakes118

Files

69f40755e9c0d0c18b9ae742588d6ccf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9cfbfffca06a85e2d0a91a5d7d0ebc1f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDateFormatA
GetLocaleInfoA
WriteConsoleOutputCharacterW
VirtualAlloc
IsDebuggerPresent
RtlUnwind
TlsFree
FlushFileBuffers
GetModuleHandleA
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GetLastError
GetStartupInfoA
GetSystemTimeAsFileTime
GetConsoleCP
DeleteCriticalSection
TerminateProcess
GetOEMCP
SetStdHandle
GetModuleFileNameA
LCMapStringA
GetStringTypeW
GetCPInfo
CloseHandle
SetLastError
OpenWaitableTimerA
GetStdHandle
HeapSize
TlsGetValue
LCMapStringW
GetCurrentThread
WriteConsoleA
GetEnvironmentStringsW
ReadFile
HeapDestroy
GetProcAddress
CreateFileA
GetStringTypeA
GetModuleHandleW
WideCharToMultiByte
Sleep
GetEnvironmentVariableW
SetHandleCount
SetFilePointer
CreateWaitableTimerW
TerminateThread
HeapReAlloc
SetUnhandledExceptionFilter
GetCurrentProcessId
GetConsoleOutputCP
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
HeapCreate
CreateMutexA
EnumSystemLocalesA
GetConsoleMode
ExitProcess
LoadLibraryA
FreeLibrary
HeapFree
GetTickCount
GetTimeZoneInformation
GetTimeFormatA
VirtualFree
VirtualQuery
GetCurrentThreadId
MultiByteToWideChar
QueryPerformanceCounter
ReleaseSemaphore
GetACP
WriteFile
WriteConsoleW
IsValidLocale
SetConsoleCtrlHandler
InterlockedDecrement
HeapAlloc
InterlockedExchange
GetEnvironmentStrings
SystemTimeToFileTime
CompareStringW
TlsSetValue
GetUserDefaultLCID
OpenMutexA
EnterCriticalSection
IsValidCodePage
SetEnvironmentVariableA
GetCommandLineA
TlsAlloc
FreeEnvironmentStringsW
InterlockedIncrement
CompareStringA
GetLocaleInfoW
GetCurrentProcess

comctl32

InitCommonControlsEx

user32

SetWindowsHookExW
GetTabbedTextExtentA
PackDDElParam
AdjustWindowRect
UnhookWinEvent
TranslateAccelerator
EnumDisplayMonitors
MessageBoxW
RegisterClassExA
ShowWindow
GetIconInfo
IsIconic
RegisterClassA
GetProcessWindowStation
CreateWindowExA

Sections

.text
Size: 232KB - Virtual size: 231KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9cfbfffca06a85e2d0a91a5d7d0ebc1f

Headers

File Characteristics

Imports

kernel32

comctl32

user32

Sections

.text Size: 232KB - Virtual size: 231KB

.rdata Size: 26KB - Virtual size: 36KB

.data Size: 92KB - Virtual size: 92KB

.rsrc Size: 19KB - Virtual size: 19KB

.text
Size: 232KB - Virtual size: 231KB

.rdata
Size: 26KB - Virtual size: 36KB

.data
Size: 92KB - Virtual size: 92KB

.rsrc
Size: 19KB - Virtual size: 19KB