c06b11b66aae9cc4d859eed6f5f8f898_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c06b11b66aae9cc4d859eed6f5f8f898_JaffaCakes118
Size

216KB
MD5

c06b11b66aae9cc4d859eed6f5f8f898
SHA1

fd6484fe45eadfb78e7ac955e683d3743353576e
SHA256

d97bb2720fbce5139d964b68660e285494cd8428e7afac25a906d7b6ecfaae59
SHA512

100ed0aa86f7924f8a602568693ab1c8bfe771029ea6564166c62ab9613516cd067e4de81798aa705c223170217b73c7b30574376381322e9620561836d0547e
SSDEEP

3072:8n+16291vtHRK12Fx7sD0TdmrY8OpPGjTd9Yg5Zt4wnry9p1zwQ:8891lHtz7sDJE9OjZ9Yg5swnmD1z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c06b11b66aae9cc4d859eed6f5f8f898_JaffaCakes118

Files

c06b11b66aae9cc4d859eed6f5f8f898_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ea5b547096206b8419d93be18a4b705c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
GetLastError
GetLocalTime
GetVersionExA
GetFileAttributesA
GetFileSize
FreeLibrary
GetProcAddress
LoadLibraryA
GetDriveTypeA
GetLogicalDriveStringsA
CreateMutexA
SetFileAttributesA
Sleep
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemDirectoryA
ReadFile
GetTempPathA
GetFullPathNameA
GetCurrentDirectoryA
SetEnvironmentVariableA
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetTimeZoneInformation
GetSystemTime
RtlUnwind
ExitProcess
TerminateProcess
GetCurrentProcess
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
RaiseException
HeapFree
HeapReAlloc
HeapSize
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
FlushFileBuffers
SetFilePointer
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
SetStdHandle
CreateDirectoryA

advapi32

RegOpenKeyExA
RegDeleteValueA

shell32

SHGetFolderPathA
SHGetSpecialFolderPathA
ShellExecuteA

urlmon

URLDownloadToCacheFileA
URLOpenBlockingStreamA
URLDownloadToFileA

Sections

.text
Size: 136KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 4KB - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea5b547096206b8419d93be18a4b705c

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

urlmon

Sections

.text Size: 136KB - Virtual size: 132KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 20KB - Virtual size: 29KB

.sxdata Size: 4KB - Virtual size: 124B

.rsrc Size: 40KB - Virtual size: 36KB

.text
Size: 136KB - Virtual size: 132KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 20KB - Virtual size: 29KB

.sxdata
Size: 4KB - Virtual size: 124B

.rsrc
Size: 40KB - Virtual size: 36KB