6a80a6d8f3738c6435325f51b22004db_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6a80a6d8f3738c6435325f51b22004db_JaffaCakes118
Size

429KB
MD5

6a80a6d8f3738c6435325f51b22004db
SHA1

bd81daa619f8a2044e7ed58895370e631aa45ef1
SHA256

d1179bc3895025330a9aac1547ad8371246b6eb2c8ef542900cb3872311edb8c
SHA512

304885baca739f7a5d15e5596f4c8d7e09b74b8c2da03af918f7a1416f6b29b008f6d0b48c8e3ed5fd67d354c808960ef33fc4316d8560007710ba8600295dd1
SSDEEP

12288:KJwKxXD63GYuIUybTuKjlv/ZgK1qYaOu:KqK5D3a7lvBg57x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a80a6d8f3738c6435325f51b22004db_JaffaCakes118

Files

6a80a6d8f3738c6435325f51b22004db_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d0388131a16f2d16e23d7984dae51fec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetLocaleInfoW
SetThreadPriority
ReleaseSemaphore
GetDateFormatA
DeleteAtom
HeapAlloc
TlsFree
MultiByteToWideChar
InterlockedDecrement
SetHandleCount
GlobalUnlock
ReadConsoleOutputCharacterA
EnumCalendarInfoExA
WriteFile
LeaveCriticalSection
VirtualFree
GetFileType
GetLastError
WaitNamedPipeA
IsValidLocale
EnterCriticalSection
GetLocaleInfoA
EnumSystemLocalesA
GetCalendarInfoA
GetStartupInfoA
SetEnvironmentVariableA
GetEnvironmentStringsW
GetProcAddress
GlobalFlags
GetEnvironmentStrings
Sleep
CreateMutexA
DeleteCriticalSection
OpenSemaphoreA
GetStdHandle
VirtualQuery
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
IsDebuggerPresent
CreateWaitableTimerW
GetStringTypeW
SetConsoleCtrlHandler
GetCurrentThread
HeapReAlloc
HeapSize
ExitProcess
SystemTimeToTzSpecificLocalTime
GetComputerNameA
VirtualAlloc
TlsAlloc
QueryPerformanceCounter
GetCurrentProcess
GetUserDefaultLCID
GetModuleHandleA
FreeLibrary
GetTimeFormatA
GetTimeZoneInformation
GetCurrentThreadId
IsValidCodePage
TlsSetValue
CompareStringW
GetACP
GetCurrentProcessId
WideCharToMultiByte
HeapCreate
CompareStringA
WriteProfileStringW
GetTickCount
GetOEMCP
ReadFileEx
FreeEnvironmentStringsW
LCMapStringA
InterlockedIncrement
RtlUnwind
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
InterlockedExchange
HeapDestroy
GetExitCodeThread
GetConsoleCursorInfo
GetCPInfo
UnhandledExceptionFilter
GetModuleHandleW
GetStringTypeA
HeapFree
TerminateProcess
LoadLibraryA
FindResourceExA
SetLastError
TlsGetValue
WriteFileEx
GetModuleFileNameA
LCMapStringW

user32

GetWindowTextA
LoadCursorW
GetTopWindow
EnumClipboardFormats
SubtractRect

gdi32

OffsetWindowOrgEx

shell32

DragQueryFileAorW
SHLoadInProc
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetSettings
ShellExecuteExW
RealShellExecuteExW
ExtractIconA
FreeIconList
SHChangeNotify
SHAppBarMessage
CommandLineToArgvW
SHGetFileInfo
ExtractAssociatedIconA
SHQueryRecycleBinA

Sections

.text
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 310KB - Virtual size: 340KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0388131a16f2d16e23d7984dae51fec

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

Sections

.text Size: 113KB - Virtual size: 113KB

.data Size: 310KB - Virtual size: 340KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 113KB - Virtual size: 113KB

.data
Size: 310KB - Virtual size: 340KB

.rsrc
Size: 4KB - Virtual size: 4KB