6f97a7349ada7069c1b2e1dddc11d9c2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6f97a7349ada7069c1b2e1dddc11d9c2_JaffaCakes118
Size

247KB
MD5

6f97a7349ada7069c1b2e1dddc11d9c2
SHA1

a11a4eceb05abd3c06c01970a54879b95c46e675
SHA256

f89f7fe33550002fa8bc51bc830085ad2f46a1ebb3960fc469ba35016d2b016c
SHA512

0b5a1659251dab5df10c3822517ec609dc9a24ecc32162ae7f64275cf425b8fbebe3b8482e01dc43876452bd83e42f11bb18ea4e90bd19058795f6689cb4d65e
SSDEEP

6144:Qute/A32jkmsO1xkrOAIup0T1JzT1Sf+pseVbG:Que/tjk/LpOJztseV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f97a7349ada7069c1b2e1dddc11d9c2_JaffaCakes118

Files

6f97a7349ada7069c1b2e1dddc11d9c2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

15953c7c2cfa5263c73d0cb2b47b25fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
DeleteCriticalSection
LCMapStringW
GetCommandLineA
RtlUnwind
GetSystemInfo
GetVersionExA
GetCurrentProcess
GetStartupInfoA
VirtualAlloc
SetHandleCount
IsValidLocale
HeapReAlloc
GetLocaleInfoA
WriteConsoleOutputCharacterA
GetLastError
GetACP
MultiByteToWideChar
GetModuleFileNameA
GetCommandLineW
GetStringTypeW
ExitProcess
GetEnvironmentStrings
GetStringTypeA
GetUserDefaultLCID
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetStartupInfoW
FreeEnvironmentStringsW
HeapSize
QueryPerformanceCounter
WriteFile
TlsGetValue
EnumResourceTypesW
TlsFree
VirtualProtect
FreeEnvironmentStringsA
HeapAlloc
GetModuleFileNameW
HeapFree
FreeLibraryAndExitThread
SetLastError
GetCurrentProcessId
GetProfileIntW
GetTimeFormatA
GetStdHandle
UnhandledExceptionFilter
HeapDestroy
EnumSystemLocalesA
GetEnvironmentStringsW
GetTimeZoneInformation
GetCPInfo
IsValidCodePage
TlsSetValue
EnumDateFormatsA
CompareStringA
GetModuleHandleA
SetEnvironmentVariableA
GetDateFormatA
lstrcmp
OpenFile
TlsAlloc
ContinueDebugEvent
FileTimeToSystemTime
EnterCriticalSection
HeapCreate
GetProcAddress
GetFileType
GetLocaleInfoW
CompareStringW
LCMapStringA
InterlockedExchange
InitializeCriticalSection
TerminateProcess
GetOEMCP
VirtualQuery
WideCharToMultiByte
VirtualFree
GetFullPathNameW
LeaveCriticalSection
GetCurrentThreadId
IsBadWritePtr
DeleteAtom

shell32

SheSetCurDrive
SHInvokePrinterCommandA
SHFreeNameMappings
InternalExtractIconListW
SHGetDesktopFolder
SHGetDataFromIDListW
SHGetFileInfo
SHGetDataFromIDListA
ShellExecuteEx
SheChangeDirA
InternalExtractIconListA
SHBrowseForFolderW
RealShellExecuteA
DragFinish

user32

SetMenuItemInfoA
GetClassInfoW
wsprintfW
GetMessageTime
PeekMessageA
DlgDirListComboBoxA
DrawEdge
IsWindowVisible
CreateWindowStationA
AnyPopup
CreatePopupMenu
GetPriorityClipboardFormat
GetMenuItemID
EnumChildWindows
HideCaret
UnpackDDElParam
EnumDisplaySettingsExA
PackDDElParam
ModifyMenuA

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15953c7c2cfa5263c73d0cb2b47b25fc

Headers

File Characteristics

Imports

kernel32

shell32

user32

Sections

.text Size: 128KB - Virtual size: 127KB

.data Size: 111KB - Virtual size: 110KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 128KB - Virtual size: 127KB

.data
Size: 111KB - Virtual size: 110KB

.rsrc
Size: 7KB - Virtual size: 6KB