c:\xeds\omvtpse.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 96b1f7acbde2d8765fcbb0505d78da0c_JaffaCakes118.exe
  Resource: win7-20240729-en
Behavioral task: behavioral2
  Sample: 96b1f7acbde2d8765fcbb0505d78da0c_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: 96b1f7acbde2d8765fcbb0505d78da0c_JaffaCakes118
Size: 640KB
MD5: 96b1f7acbde2d8765fcbb0505d78da0c
SHA1: a061ab8e3c5a6367e348c8ebdc9d56b24ce6fa55
SHA256: 6d99f50f9244c954193f8d124164ee408b4e2f4a38daf2fe900efaf8b3a95bac
SHA512: 790c543268ad73156031f4d351ba57d3feade735d7604039b568848a3d988ad26ee34d59bf52146cd5163d177e6c8651ee68b15ac30ccca7727c37cd30c5f685
SSDEEP: 12288:hqneUopwoduSFMJp0gQCQ5cBTJ03Ji6wYJei/250xjaXUm:hqeHlMnFZocBTJGJi6wYJe+4mG
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: 96b1f7acbde2d8765fcbb0505d78da0c_JaffaCakes118
Files
96b1f7acbde2d8765fcbb0505d78da0c_JaffaCakes118.exe windows:4 windows x86 arch:x86
7321d5a717b162fc4cad68decc8dad80
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
EnterCriticalSection
IsBadWritePtr
VirtualProtect
VirtualFree
GetStringTypeW
GetEnvironmentStringsW
SetStdHandle
GetOEMCP
CompareStringA
GetLocaleInfoA
GetCommandLineA
GetStdHandle
InitializeCriticalSection
CreateNamedPipeA
IsValidCodePage
InterlockedExchange
GetTimeFormatA
GetMailslotInfo
GetLastError
LCMapStringA
EnumSystemLocalesA
CompareStringW
GetProcAddress
VirtualQuery
GetVersionExA
WideCharToMultiByte
SetEnvironmentVariableA
HeapFree
LocalUnlock
GetWindowsDirectoryW
VirtualAlloc
VirtualQueryEx
OpenSemaphoreA
QueryPerformanceCounter
DeleteFileW
GetFileType
LCMapStringW
RtlUnwind
GetCurrentThreadId
GetModuleFileNameA
FlushViewOfFile
TerminateProcess
GetCurrentProcessId
GetTimeZoneInformation
SetFilePointer
OpenMutexA
FlushFileBuffers
IsValidLocale
GetTickCount
UnhandledExceptionFilter
GetUserDefaultLCID
MultiByteToWideChar
GetDateFormatA
GetACP
WriteFile
CloseHandle
TlsSetValue
LeaveCriticalSection
GetSystemInfo
HeapSize
TlsAlloc
GetStringTypeA
GetCurrentProcess
ExitProcess
GetStartupInfoA
GetModuleHandleA
SetLastError
TlsGetValue
GetTempFileNameW
GetEnvironmentStrings
SetConsoleCtrlHandler
GetSystemTimeAsFileTime
ReadFile
HeapCreate
GetLocaleInfoW
FreeEnvironmentStringsA
GetCPInfo
HeapReAlloc
DeleteCriticalSection
HeapDestroy
FreeEnvironmentStringsW
DebugActiveProcess
LoadLibraryA
HeapAlloc
CreateMutexA
GetCurrentThread
SetHandleCount
TlsFree
gdi32
CreateDCW
GetObjectA
DeleteDC
GetClipRgn
GetDeviceCaps
comctl32
InitCommonControlsEx
DrawStatusTextW
user32
EnumDisplayMonitors
RegisterClassA
SetUserObjectInformationW
ShowWindow
CallWindowProcW
CreateWindowExW
CharToOemBuffW
GetSystemMenu
CopyAcceleratorTableW
MessageBoxW
EnableScrollBar
GetMonitorInfoW
DrawIconEx
SendNotifyMessageW
GetProcessDefaultLayout
VkKeyScanExA
DdeFreeStringHandle
DefWindowProcW
GetWindowWord
SetWindowLongW
RegisterClassExA
RegisterDeviceNotificationW
ScrollDC
DestroyWindow
GetClipboardData
PostMessageA
wininet
CreateUrlCacheContainerA
FtpDeleteFileW
InternetLockRequestFile
GopherGetAttributeW
InternetCanonicalizeUrlW
Sections
.text Size: 212KB - Virtual size: 209KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 260KB - Virtual size: 256KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 116KB - Virtual size: 121KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 48KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ