69d8cc71f8c3f29c115253254ad27b59_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

69d8cc71f8c3f29c115253254ad27b59_JaffaCakes118
Size

404KB
MD5

69d8cc71f8c3f29c115253254ad27b59
SHA1

45c6934f88901a321cfc5280d5e4b63c59a27f87
SHA256

3d89f1ab4321da0e0c2ebecbdf386621ba5898d06194983f64f08021bd260b3f
SHA512

3814653df6fedb0788904f2451688217fb094da2515671fe9b4d7e4652aa76eb89ee353abdd03682a56467b9e3ab0a0f0c580c500b7403c2276d7240cbf2751e
SSDEEP

12288:gCgz79T/Dwdrfykv78SJBXx9mUxgWE0TkZP:gpwlfyktPmUpEg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69d8cc71f8c3f29c115253254ad27b59_JaffaCakes118

Files

69d8cc71f8c3f29c115253254ad27b59_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e49f0262da3b86e748b6f80420a889a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\itn

Imports

kernel32

GetEnvironmentStringsW
HeapFree
GetOEMCP
GetLocaleInfoW
GetTimeFormatA
VirtualFree
ReadFile
LeaveCriticalSection
GetTickCount
GetStartupInfoW
GetModuleHandleA
GetCommandLineW
GetTimeZoneInformation
GetWindowsDirectoryA
GlobalUnlock
GetCurrentProcess
InitializeCriticalSection
GetProfileIntW
GetSystemDefaultLCID
TlsFree
HeapDestroy
UnhandledExceptionFilter
GetStdHandle
VirtualQuery
TlsGetValue
QueryPerformanceCounter
FreeEnvironmentStringsW
InterlockedExchange
GetLastError
TlsAlloc
RtlUnwind
GetFileType
GetStringTypeA
WriteConsoleOutputAttribute
CloseHandle
MultiByteToWideChar
GetStartupInfoA
SetLastError
GetModuleFileNameA
DeleteFileA
SetFilePointer
SetStdHandle
WritePrivateProfileSectionA
FreeEnvironmentStringsA
GetCommandLineA
GetCurrentThread
GetVersionExA
EnumCalendarInfoA
VirtualAlloc
WideCharToMultiByte
GetSystemTimeAsFileTime
ExitProcess
GetModuleFileNameW
IsBadWritePtr
GetCurrentThreadId
GlobalFindAtomA
LoadLibraryA
GetStringTypeW
GlobalFree
SetThreadLocale
EnumSystemLocalesA
CompareStringA
HeapCreate
EnumDateFormatsExA
HeapAlloc
VirtualProtect
CompareStringW
CreateEventA
GetACP
GetSystemInfo
CreateMutexA
TlsSetValue
OpenMutexA
SetHandleCount
GetLocaleInfoA
CopyFileA
GetConsoleTitleA
HeapReAlloc
WriteFileEx
GetCurrentProcessId
DeleteCriticalSection
GetCPInfo
FlushFileBuffers
LCMapStringA
GetProcAddress
WriteFile
RaiseException
TerminateProcess
SetLocalTime
GetDateFormatA
IsValidCodePage
EnterCriticalSection
IsValidLocale
GetUserDefaultLCID
HeapSize
SetEnvironmentVariableA
GetLogicalDriveStringsA
LCMapStringW
GetEnvironmentStrings

comdlg32

GetFileTitleW
LoadAlterBitmap
ChooseFontW
FindTextW

comctl32

InitCommonControlsEx

user32

GetKeyboardType
EndDialog
GetMenuItemRect
VkKeyScanExA
RegisterClassA
SendNotifyMessageA
RegisterClassExA
CreateDialogIndirectParamA
DefMDIChildProcW

shell32

ShellAboutA

Sections

.text
Size: 283KB - Virtual size: 283KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e49f0262da3b86e748b6f80420a889a9

Headers

File Characteristics

PDB Paths

Imports

kernel32

comdlg32

comctl32

user32

shell32

Sections

.text Size: 283KB - Virtual size: 283KB

.rdata Size: 13KB - Virtual size: 37KB

.data Size: 96KB - Virtual size: 96KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 283KB - Virtual size: 283KB

.rdata
Size: 13KB - Virtual size: 37KB

.data
Size: 96KB - Virtual size: 96KB

.rsrc
Size: 10KB - Virtual size: 10KB