a6bb7daea790ab31d9f3ce4d578225d8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a6bb7daea790ab31d9f3ce4d578225d8_JaffaCakes118
Size

792KB
MD5

a6bb7daea790ab31d9f3ce4d578225d8
SHA1

bd7890009f16931497bd09ab09468faaf62b0e79
SHA256

2d04c8997932c34867d9e8434f84f727b5f8fa27d619e1b440820bc7953f92c6
SHA512

69099c65583cd5e3028d072da64bd49b290162eb39095b7d7313558d479bb31b791dd172be079e0d7ccd15a4d5ba6527f9e7e9cd19d36a1f0d6aa06ded5998fa
SSDEEP

12288:W/mKOqp6kOCRUPqp2HVi8cQ1zeUiadP83RdA0GvHQTk7t9zX:kmCRUPq+Q8X1TF83Re0Gvh7t9zX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6bb7daea790ab31d9f3ce4d578225d8_JaffaCakes118

Files

a6bb7daea790ab31d9f3ce4d578225d8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ed1fb1de3d633449b7aa7bb46d6f04bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
EnterCriticalSection
LeaveCriticalSection
HeapValidate
IsBadReadPtr
FindClose
GetLastError
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
GetSystemTimeAsFileTime
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
InterlockedIncrement
InterlockedDecrement
GetProcAddress
GetModuleHandleA
ExitProcess
RaiseException
DebugBreak
WideCharToMultiByte
IsDebuggerPresent
MultiByteToWideChar
lstrlenA
LoadLibraryA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleFileNameW
FatalAppExitA
CloseHandle
WriteFile
GetConsoleCP
GetConsoleMode
GetModuleFileNameA
HeapReAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
TlsFree
SetLastError
GetCurrentThread
FlushFileBuffers
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFullPathNameA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
InitializeCriticalSection
ReadFile
VirtualQuery
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
LoadLibraryW
CreateFileA
SetStdHandle
SetFilePointer
WriteConsoleA
GetConsoleOutputCP
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetLocaleInfoA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
SetEndOfFile

Sections

.text
Size: 592KB - Virtual size: 591KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed1fb1de3d633449b7aa7bb46d6f04bd

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 592KB - Virtual size: 591KB

.rdata Size: 76KB - Virtual size: 75KB

.data Size: 16KB - Virtual size: 20KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 100KB - Virtual size: 98KB

.text
Size: 592KB - Virtual size: 591KB

.rdata
Size: 76KB - Virtual size: 75KB

.data
Size: 16KB - Virtual size: 20KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 100KB - Virtual size: 98KB