8e6071cf7586b43196b82104b43a13be_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8e6071cf7586b43196b82104b43a13be_JaffaCakes118
Size

85KB
MD5

8e6071cf7586b43196b82104b43a13be
SHA1

f5810db931799f9668b4f47822d45c0f72c91f23
SHA256

b0aa9c13c89b998e623aa75d565efdfbb8f78dee6fe0db73cab7cfee2c967147
SHA512

f50f2195f82e31df408df0bbf2bf670f5c8ac9fef329c4202cda91394e2ec628be82c8c5b49e9545d29deedc57a0c676c3cbf8656871d7eb51fecc0ac9f6e88f
SSDEEP

1536:1EnGuZOHHmms94PbSVls/84P/544EWDWFTob/C+zkji:woHmms9gc8NhdEwWFTob/C+zkW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e6071cf7586b43196b82104b43a13be_JaffaCakes118

Files

8e6071cf7586b43196b82104b43a13be_JaffaCakes118
.exe windows:4 windows x86 arch:x86

60ecf41a718e8f382fed91360a876add

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
CloseHandle
WriteFile
SetFileTime
FindNextFileA
GetFileTime
CreateFileA
SetFileAttributesA
MultiByteToWideChar
GetVersionExA
MoveFileA
GetLocaleInfoA
FindClose
GetSystemTime
GetWindowsDirectoryA
GetOEMCP
GetACP
GetCPInfo
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
GetFileAttributesA
Sleep
GetSystemDirectoryA
GetTimeZoneInformation
lstrcmpiA
LoadLibraryA
DeleteFileA
GetModuleFileNameA
GetLastError
CreateDirectoryA
VirtualFree
GetProcAddress
SetEnvironmentVariableA
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
GetVersion
HeapAlloc
IsBadCodePtr
FreeLibrary
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
GetStringTypeW
GetStringTypeA
GetLocalTime
RtlUnwind
SetEndOfFile
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
FlushFileBuffers
GetStdHandle
HeapReAlloc
HeapSize
HeapFree
SetStdHandle
GetFileType
SetFilePointer
SetHandleCount
HeapDestroy
HeapCreate
ReadFile
WideCharToMultiByte
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW

user32

SetWindowPos
SetForegroundWindow
GetForegroundWindow
FindWindowA
MessageBoxA
IsWindowVisible

advapi32

RegCreateKeyExA
RegDeleteKeyA
RegCreateKeyA
RegDeleteValueA
RegQueryValueA
RegEnumValueA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegQueryValueExA

ole32

CoCreateGuid
CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

SysFreeString
SysAllocString

wininet

InternetOpenA
HttpQueryInfoA
InternetOpenUrlA
InternetSetOptionA
InternetCloseHandle
InternetGetConnectedState
InternetReadFile

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

60ecf41a718e8f382fed91360a876add

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

wininet

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 18KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 18KB

.rsrc
Size: 8KB - Virtual size: 5KB