b62c67b29e34842ad6507757f93693d2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b62c67b29e34842ad6507757f93693d2_JaffaCakes118
Size

428KB
MD5

b62c67b29e34842ad6507757f93693d2
SHA1

bfa2ba276bad749cc557ffb5571424efa6923a67
SHA256

e07ae808afa10506463af22de52a300f27063b96a5b3d8e906a7883e0dd13150
SHA512

4f3f2d963bd59bbb52e1f10084177ca59e9c9ac5a3735c759fb9c2e1571b3257b6962bf98d6cbbadd655d800a1da6886beaf8e80da1d1624d522e143249b128f
SSDEEP

12288:439kdf26OMpoKN0QIDwvjfmzV/Uo+wrvj:wef26hp/NxDmzV1+wrL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b62c67b29e34842ad6507757f93693d2_JaffaCakes118

Files

b62c67b29e34842ad6507757f93693d2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a578b748bf31165b1b92752a349b0f69

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
WideCharToMultiByte
SetUnhandledExceptionFilter
GetFileType
GetModuleFileNameA
GetCurrentThread
SetLastError
GetTimeZoneInformation
InterlockedDecrement
GetLocaleInfoA
GetModuleHandleA
LCMapStringW
EnumSystemLocalesA
LCMapStringA
HeapDestroy
TlsFree
Sleep
HeapCreate
IsValidCodePage
HeapSize
GetTimeFormatA
VirtualQuery
GetStartupInfoA
GetCurrentProcess
InterlockedIncrement
GetVersionExA
InterlockedExchange
WritePrivateProfileSectionW
WriteFile
TlsAlloc
GetStdHandle
HeapFree
GetCommandLineW
SetHandleCount
MultiByteToWideChar
ExitProcess
GetStartupInfoW
GetModuleFileNameW
HeapAlloc
CompareStringA
InitializeCriticalSection
GetOEMCP
LoadLibraryA
GetTickCount
GetStringTypeW
GetUserDefaultLCID
TlsGetValue
IsDebuggerPresent
EnterCriticalSection
GetLastError
VirtualAlloc
RtlUnwind
DeleteCriticalSection
AllocConsole
GetEnvironmentStringsW
VirtualFree
SetConsoleCtrlHandler
LeaveCriticalSection
SetEnvironmentVariableA
GetProcAddress
TlsSetValue
GetCurrentProcessId
CompareStringW
GetACP
GetProcessHeap
UnhandledExceptionFilter
GetDateFormatA
GetSystemTimeAsFileTime
TerminateProcess
GetEnvironmentStrings
FreeEnvironmentStringsW
GetLocaleInfoW
IsValidLocale
HeapReAlloc
QueryPerformanceCounter
GetCommandLineA
GetStringTypeA
FreeEnvironmentStringsA
GetCPInfo
FreeLibrary

shell32

DragQueryFileA

comdlg32

PrintDlgA
ChooseFontA
ChooseFontW

Sections

.text
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 279KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a578b748bf31165b1b92752a349b0f69

Headers

File Characteristics

Imports

kernel32

shell32

comdlg32

Sections

.text Size: 132KB - Virtual size: 132KB

.rdata Size: 8KB - Virtual size: 24KB

.data Size: 279KB - Virtual size: 278KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 132KB - Virtual size: 132KB

.rdata
Size: 8KB - Virtual size: 24KB

.data
Size: 279KB - Virtual size: 278KB

.rsrc
Size: 8KB - Virtual size: 7KB