6fb97a0bef78317e25befdf79b5c43db_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6fb97a0bef78317e25befdf79b5c43db_JaffaCakes118
Size

548KB
MD5

6fb97a0bef78317e25befdf79b5c43db
SHA1

91878dd0b68f1742c7b39151f29afe0609bd734c
SHA256

ab84c6b7bad309a9af1afabb5ea73a757b9fa1df1ff4b43a5eded55f858a68c8
SHA512

18167ba453146f475221b06d543c892a9518c9092d1f2b5ffe3c813d93c85f85a6415fc23ec65d5ab95c9e914a891f63242d99a047e8a0655d59b32742428e6d
SSDEEP

12288:w0JeNbFMcSH1A3blchtFEonlTQD2OADe86WNl4:oBIVA3b8DBn+D2OADe8m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fb97a0bef78317e25befdf79b5c43db_JaffaCakes118

Files

6fb97a0bef78317e25befdf79b5c43db_JaffaCakes118
.exe windows:5 windows x86 arch:x86

24527ec6edbb8e0e07d45cfe964647bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Mes documents\Téléchargements\IRCContact v4\Debug\Irc-Contact.pdb

Imports

user32

GetMessageA
LoadAcceleratorsA
LoadStringA
RegisterClassExA
TranslateMessage
LoadIconA
MessageBoxA
CreateWindowExA
DefWindowProcA
LoadCursorA
DispatchMessageA
TranslateAcceleratorA

shell32

ShellExecuteExA

advapi32

RegEnumValueA
RegSetValueExA
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumKeyExA

kernel32

SetStdHandle
HeapQueryInformation
FlushFileBuffers
HeapReAlloc
GetStringTypeW
LCMapStringW
CreateFileA
ReadFile
GetLocaleInfoA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
SetEndOfFile
HeapSize
GetStartupInfoW
GetPrivateProfileStringA
VirtualFree
VirtualAlloc
CloseHandle
WaitForSingleObject
GetFileAttributesA
Sleep
WritePrivateProfileStringA
CopyFileA
GetModuleFileNameA
GetSystemDirectoryA
GetPrivateProfileIntA
GetConsoleMode
GetConsoleCP
SetFilePointer
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
VirtualQuery
GetProcessHeap
HeapAlloc
HeapFree
HeapDestroy
HeapCreate
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
RtlUnwind
SetCurrentDirectoryW
GetCurrentDirectoryW
GetLocaleInfoW
InterlockedIncrement
InterlockedDecrement
DecodePointer
GetProcAddress
GetModuleHandleW
ExitProcess
GetLastError
GetFullPathNameA
GetDriveTypeW
EncodePointer
DeleteFileA
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
CreateFileW
WideCharToMultiByte
IsDebuggerPresent
MultiByteToWideChar
RaiseException
lstrlenA
LoadLibraryW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleFileNameW
IsProcessorFeaturePresent
WriteFile
GetStdHandle
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
GetCurrentThreadId
TlsFree
SetLastError
GetCurrentThread
HeapValidate
IsBadReadPtr
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange

ws2_32

htons
closesocket
select
inet_addr
inet_ntoa
WSACleanup
gethostbyname
socket
__WSAFDIsSet
ioctlsocket
connect
send
recv
WSAStartup

wininet

InternetOpenUrlA
InternetCloseHandle
InternetQueryDataAvailable
InternetReadFile
InternetOpenA

urlmon

URLDownloadToFileA

Sections

.textbss
Size: - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 414KB - Virtual size: 413KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

24527ec6edbb8e0e07d45cfe964647bc

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

user32

shell32

advapi32

kernel32

ws2_32

wininet

urlmon

Sections

.textbss Size: - Virtual size: 194KB

.text Size: 414KB - Virtual size: 413KB

.rdata Size: 73KB - Virtual size: 72KB

.data Size: 6KB - Virtual size: 200KB

.idata Size: 5KB - Virtual size: 4KB

.rsrc Size: 48KB - Virtual size: 48KB

.textbss
Size: - Virtual size: 194KB

.text
Size: 414KB - Virtual size: 413KB

.rdata
Size: 73KB - Virtual size: 72KB

.data
Size: 6KB - Virtual size: 200KB

.idata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 48KB - Virtual size: 48KB