86cbf8d9b2585f68611491f2d93ac301_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

86cbf8d9b2585f68611491f2d93ac301_JaffaCakes118
Size

413KB
MD5

86cbf8d9b2585f68611491f2d93ac301
SHA1

a69750d57b4ede1b3269958c4f6cab4a922b6ea8
SHA256

98122a56bf66d482f7b2030f11cdd95aaf82a97f0349cc9ab26c2b8c5679684a
SHA512

18af23a24d1c47f7c47d1c6cab60124dc1f7244dc5edd5953c4bdef7bb0b66773480bedaab8a3fe12f3317012d08bfd690ffe3f68226f4cc1b5c3f0f0a3ef1a1
SSDEEP

6144:km5DtgWgAdU9zAfUJ90X1KhNkoz8gp8s7mVHuGIz0+ziXiwHoaT/137ynxDT:y90f69kooXbI3zST9Gx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86cbf8d9b2585f68611491f2d93ac301_JaffaCakes118

Files

86cbf8d9b2585f68611491f2d93ac301_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d78b793b6186605641739dd707c5e915

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

RealShellExecuteW
SHQueryRecycleBinW
ExtractIconExW

kernel32

IsBadWritePtr
SetLastError
GetCurrentProcess
MultiByteToWideChar
GetModuleFileNameA
GetProcAddress
LoadLibraryA
VirtualProtect
InitializeCriticalSection
TlsSetValue
EnumResourceTypesA
SetThreadPriority
EnumCalendarInfoW
HeapReAlloc
GetTickCount
FlushInstructionCache
TlsGetValue
WaitForMultipleObjectsEx
TerminateProcess
LocalCompact
DeleteAtom
GetDiskFreeSpaceExW
GetCurrentThread
RtlUnwind
DeleteCriticalSection
GetDateFormatA
LCMapStringW
WideCharToMultiByte
SetThreadIdealProcessor
VirtualLock
EnumSystemLocalesA
FileTimeToDosDateTime
GetTimeFormatA
GetFileType
GetLocaleInfoW
HeapAlloc
CreateMailslotA
GetCurrentProcessId
EnterCriticalSection
SetEnvironmentVariableA
GetUserDefaultLCID
GetCurrentThreadId
FreeEnvironmentStringsA
WriteFile
AddAtomW
GetEnvironmentStringsW
GetStringTypeW
IsValidCodePage
SetConsoleOutputCP
LCMapStringA
GetModuleHandleA
IsValidLocale
FreeEnvironmentStringsW
QueryPerformanceCounter
HeapFree
InterlockedExchange
CompareStringA
GetOEMCP
GetACP
RtlFillMemory
HeapDestroy
GetSystemInfo
GetModuleHandleW
RemoveDirectoryW
GetCommandLineA
GetStringTypeA
GetStdHandle
TerminateThread
VirtualAlloc
GetSystemTimeAsFileTime
HeapSize
TlsFree
SetPriorityClass
VirtualQuery
GetLastError
GetLocaleInfoA
HeapCreate
TlsAlloc
LeaveCriticalSection
SetHandleCount
GetCPInfo
ExitProcess
CompareStringW
UnhandledExceptionFilter
GetTimeZoneInformation
GetEnvironmentStrings
VirtualFree
GetStartupInfoA
GetVersionExA

wininet

InternetCloseHandle
ShowSecurityInfo
SetUrlCacheGroupAttributeA
InternetCreateUrlA

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 282KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d78b793b6186605641739dd707c5e915

Headers

File Characteristics

Imports

shell32

kernel32

wininet

Sections

.text Size: 120KB - Virtual size: 119KB

.rdata Size: 7KB - Virtual size: 17KB

.data Size: 282KB - Virtual size: 282KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 120KB - Virtual size: 119KB

.rdata
Size: 7KB - Virtual size: 17KB

.data
Size: 282KB - Virtual size: 282KB

.rsrc
Size: 2KB - Virtual size: 2KB