d4d24060740548389f24e38f64a30afe_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d4d24060740548389f24e38f64a30afe_JaffaCakes118
Size

429KB
MD5

d4d24060740548389f24e38f64a30afe
SHA1

92a5491f1ced01935b8ed4ac2543f6a7cf0de4c7
SHA256

de6f4190ff167b1501050d99c8a513b9f5432a500ff847bbda760f8c5d51478c
SHA512

4681ea7f68d7bdae5cbe2d8150367b9c88484f9f58f1dabc7fe0714634eb19b51db7e3019c480e51a25f13fa6e6f4e49d5f3fa3b0ea4e0107530db0d44428ac9
SSDEEP

12288:hPNL6npVyqQVy65WEWFbfk7NrmB9lZf9561oqe0:NNL6npVyq2y65WEWZ6mhZX6le

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4d24060740548389f24e38f64a30afe_JaffaCakes118

Files

d4d24060740548389f24e38f64a30afe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

46cd86aede0723fac522585b75246c74

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

FindTextW

kernel32

WriteConsoleW
GetLocaleInfoW
HeapSize
SetLastError
GetModuleFileNameW
EnumSystemLocalesA
GetTimeZoneInformation
WideCharToMultiByte
SetConsoleTitleA
GetTickCount
VirtualAlloc
VirtualQuery
GetProcAddress
InterlockedDecrement
HeapAlloc
TlsSetValue
GetACP
WriteFile
TerminateProcess
CompareStringA
UnhandledExceptionFilter
RtlUnwind
GetStringTypeA
TlsFree
InterlockedIncrement
GetCommandLineA
GetModuleHandleA
SetEnvironmentVariableA
WritePrivateProfileSectionA
GetUserDefaultLCID
FreeEnvironmentStringsA
TlsGetValue
GetModuleFileNameA
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
EnterCriticalSection
GetCurrentProcess
DeleteCriticalSection
CompareFileTime
lstrcmpiW
GetLastError
CreateWaitableTimerW
GetCurrentProcessId
GetCurrentThreadId
GetStartupInfoW
GetStartupInfoA
GetEnvironmentStrings
HeapDestroy
WaitForSingleObject
GetConsoleCP
QueryPerformanceCounter
GetProcessHeap
GetLongPathNameW
HeapCreate
MultiByteToWideChar
GetPriorityClass
GetDiskFreeSpaceA
LoadLibraryA
VirtualFree
TlsAlloc
GetVersionExA
FreeEnvironmentStringsW
ExitProcess
FindResourceExA
GetCurrentThread
HeapFree
IsDebuggerPresent
InitializeCriticalSection
LocalFree
SetHandleCount
FreeResource
GetExitCodeProcess
GetCommandLineW
GetCPInfo
LeaveCriticalSection
LocalFlags
SetConsoleCtrlHandler
GetTimeFormatA
InterlockedExchange
GetOEMCP
IsValidCodePage
CompareStringW
GetFileType
LCMapStringW
IsBadReadPtr
LCMapStringA
GetStringTypeW
HeapReAlloc
GetEnvironmentStringsW
GetStdHandle
GetLocaleInfoA
GetDateFormatA
Sleep
FreeLibrary
IsValidLocale
GetSystemInfo
EnumDateFormatsA

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

46cd86aede0723fac522585b75246c74

Headers

File Characteristics

Imports

comdlg32

kernel32

Sections

.text Size: 136KB - Virtual size: 135KB

.rdata Size: 8KB - Virtual size: 39KB

.data Size: 280KB - Virtual size: 280KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 136KB - Virtual size: 135KB

.rdata
Size: 8KB - Virtual size: 39KB

.data
Size: 280KB - Virtual size: 280KB

.rsrc
Size: 4KB - Virtual size: 3KB