b2022094105c66688846992878ca36d9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b2022094105c66688846992878ca36d9_JaffaCakes118
Size

518KB
MD5

b2022094105c66688846992878ca36d9
SHA1

37091ad1d07c562583c0740b498766f5033043c9
SHA256

dfa05a307eb4cb5ce231720dcb2f7b2e0806d4b4ae69efaae117abfef53e833e
SHA512

1d33f277f66dc878b4f7956962c621946e6d74a9d58b5735373b663df977c1717d3c3fb8122a2a0609e741fe36f88b58c66dd7727553022ddca630208158ed02
SSDEEP

12288:ul0z4htpCLywxeIopNKvXAudKt8QkAdnbDnF:uez4htpCLywxezwvXAuEt8Qk+bDnF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b2022094105c66688846992878ca36d9_JaffaCakes118

Files

b2022094105c66688846992878ca36d9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ef5b6da3ce899d843934732f9bb0f603

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetTimeFromSystemTimeA

user32

RegisterClassA
SetPropW
CheckRadioButton
IsCharAlphaNumericW
GetCursor
RegisterClassExA

comctl32

InitCommonControlsEx

kernel32

HeapAlloc
CloseHandle
HeapFree
TlsGetValue
lstrcatW
ExitProcess
CompareStringW
GetTimeFormatA
GetCurrentProcessId
VirtualAlloc
GetCurrentProcess
QueryPerformanceCounter
GetLocaleInfoA
GetLastError
OpenMutexA
TlsFree
FlushFileBuffers
IsValidCodePage
LoadLibraryA
EnumSystemLocalesA
Sleep
SetConsoleCtrlHandler
IsValidLocale
UnhandledExceptionFilter
GetConsoleOutputCP
VirtualQuery
GetStdHandle
GetStartupInfoA
LCMapStringW
TerminateProcess
GetLocaleInfoW
GetProcAddress
GetCPInfo
WriteConsoleA
EnterCriticalSection
GetStringTypeExW
SetEnvironmentVariableA
WriteFile
TlsAlloc
HeapCreate
GetTimeZoneInformation
LCMapStringA
GetOEMCP
InterlockedExchange
TlsSetValue
GetUserDefaultLCID
EnumCalendarInfoA
GetEnvironmentStringsW
HeapReAlloc
GetSystemTimeAsFileTime
GetPrivateProfileStructA
SetLastError
RtlUnwind
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
CreateFileA
CompareStringA
WriteConsoleW
GetConsoleMode
GetCommandLineW
HeapSize
GetCurrentThread
MultiByteToWideChar
VirtualFree
GetModuleHandleW
LeaveCriticalSection
SetStdHandle
GetStringTypeW
CreateMutexA
GetCurrentThreadId
FreeLibrary
FreeEnvironmentStringsW
GlobalCompact
SetFilePointer
SetUnhandledExceptionFilter
GetModuleFileNameW
GetACP
GetStartupInfoW
WaitNamedPipeW
HeapDestroy
GetTickCount
GetModuleFileNameA
WideCharToMultiByte
GetDateFormatA
GetVersionExW
InterlockedIncrement
GetConsoleCP
SetConsoleScreenBufferSize
GetModuleHandleA
lstrcpynA
GetCommandLineA
GetFileType
IsDebuggerPresent
SetHandleCount
DeleteCriticalSection
ReadFile
GetStringTypeA

Sections

.text
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 316KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef5b6da3ce899d843934732f9bb0f603

Headers

File Characteristics

Imports

wininet

user32

comctl32

kernel32

Sections

.text Size: 180KB - Virtual size: 180KB

.rdata Size: 9KB - Virtual size: 18KB

.data Size: 316KB - Virtual size: 315KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 180KB - Virtual size: 180KB

.rdata
Size: 9KB - Virtual size: 18KB

.data
Size: 316KB - Virtual size: 315KB

.rsrc
Size: 11KB - Virtual size: 11KB