a6f7f89440a504cc73eab644f27f8699_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a6f7f89440a504cc73eab644f27f8699_JaffaCakes118
Size

615KB
MD5

a6f7f89440a504cc73eab644f27f8699
SHA1

9308910cf5691064ba0962b740df37b6b06753e6
SHA256

efe6421415cbe9d720969df2d3e23c4a65931f279b7d2de810d5dcbb6af963ff
SHA512

1d9f4ddbab4abb7195ac812c475703edf6074bfd2cdf940459efa2f10a5d4cf940018c57d2fcce1ddd392031e3482c4a60fecdd159c64bf3afb025307e9c008b
SSDEEP

12288:52Fj6UfOHI05Y1pS+c/y4YZgHmSI4duKzgLax58ArEtgE09l:5QVOHI05Y1pSH8um3vhArE2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6f7f89440a504cc73eab644f27f8699_JaffaCakes118

Files

a6f7f89440a504cc73eab644f27f8699_JaffaCakes118
.exe windows:4 windows x86 arch:x86

255f376e5362a1766dcb9eae9db9f2b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsFree
GetTimeFormatA
InitializeCriticalSection
HeapReAlloc
WriteFile
GetConsoleCP
WriteConsoleInputW
GetStringTypeW
LoadLibraryA
FreeLibrary
VirtualAlloc
SetUnhandledExceptionFilter
FreeResource
GetDateFormatA
EnumSystemLocalesA
SetConsoleCtrlHandler
OpenMutexA
GetConsoleOutputCP
VirtualFree
UnhandledExceptionFilter
GetModuleFileNameA
GetCPInfo
TlsGetValue
GetProcAddress
GetCurrentThread
SetThreadPriority
CloseHandle
QueryPerformanceCounter
GetLastError
CompareStringA
IsValidLocale
DeleteCriticalSection
FreeEnvironmentStringsA
SetStdHandle
HeapAlloc
GetTickCount
GetACP
GetCommandLineA
GetCurrentProcess
TerminateProcess
GetEnvironmentStringsW
SetHandleCount
IsDebuggerPresent
GetTimeZoneInformation
CreateFileA
CompareStringW
SetEnvironmentVariableA
GetFileType
GetCurrentThreadId
WriteConsoleW
GetExitCodeThread
HeapSize
InterlockedExchange
GetStringTypeA
SetLastError
FlushFileBuffers
EnterCriticalSection
LeaveCriticalSection
FileTimeToDosDateTime
GetCurrentProcessId
ReadFile
TlsAlloc
HeapFree
GetConsoleMode
GetEnvironmentStrings
SetFilePointer
LCMapStringW
ExitProcess
TlsSetValue
HeapDestroy
IsValidCodePage
VirtualQuery
LCMapStringA
GetStartupInfoA
FindFirstFileExW
GetUserDefaultLCID
HeapCreate
GetProcessHeap
GetStdHandle
InterlockedIncrement
GetVersionExA
InterlockedDecrement
FreeEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetOEMCP
WriteConsoleA
GetLocaleInfoA
RtlUnwind
GetModuleHandleA
CreateMutexA
GetLocaleInfoW
Sleep
GetSystemTimeAsFileTime

gdi32

GetEnhMetaFileDescriptionA
GetKerningPairsW
GetViewportOrgEx
GetPolyFillMode
GetTextMetricsW
GetTextExtentPoint32A
ExtFloodFill
AngleArc
CreateColorSpaceA
CreateRoundRectRgn

shell32

RealShellExecuteW
SHGetMalloc
CheckEscapesW

comctl32

InitCommonControlsEx

user32

RegisterClassExA
EnumDisplaySettingsExA
GetFocus
RealChildWindowFromPoint
GetKeyNameTextW
GetMessageA
SendNotifyMessageW
GetTabbedTextExtentW
GetDlgItemTextW
RegisterClassA
SetScrollRange
SetMenuItemInfoW
DrawFrameControl
ChangeClipboardChain
CharLowerA
DrawStateA
LoadKeyboardLayoutA
DlgDirSelectExW
CreateCaret
GetKeyState
TileChildWindows
SetDeskWallpaper

Sections

.text
Size: 276KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 319KB - Virtual size: 318KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

255f376e5362a1766dcb9eae9db9f2b3

Headers

File Characteristics

Imports

kernel32

gdi32

shell32

comctl32

user32

Sections

.text Size: 276KB - Virtual size: 276KB

.rdata Size: 10KB - Virtual size: 39KB

.data Size: 319KB - Virtual size: 318KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 276KB - Virtual size: 276KB

.rdata
Size: 10KB - Virtual size: 39KB

.data
Size: 319KB - Virtual size: 318KB

.rsrc
Size: 9KB - Virtual size: 8KB