d6c6e3ff1ef532f91962f7274ef98473_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d6c6e3ff1ef532f91962f7274ef98473_JaffaCakes118
Size

488KB
MD5

d6c6e3ff1ef532f91962f7274ef98473
SHA1

27cd5a504badb2aacb0999ed3e21da4b01261136
SHA256

c854478517d46f6d093fea4a86ebebf1f2fe36d803ba11fadba7775a1a1067ea
SHA512

657874a6673fe5d10806df1ee39d09602149c31fbccb9b5b3b918ac256a3497e90532bc920fdfd7db27cf8b9a15bcb1349a538611fa7170a369ac6c5abd6ea3a
SSDEEP

12288:idA+Mj2RjkSeNBXZ4Y3vmnO65NcVrwnc1lFdaNeUMa:i++e2J1eN4YunLNcOcDFANhMa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6c6e3ff1ef532f91962f7274ef98473_JaffaCakes118

Files

d6c6e3ff1ef532f91962f7274ef98473_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ceacb445fc5c403bae47d8ab362aa65c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\keecvne\teedaneveo.pdb

Imports

user32

MessageBoxW
LoadCursorFromFileA
ShowWindow
RegisterClassA
CreateWindowExA
RegisterClassExA
FlashWindow

kernel32

GetCurrentThreadId
GetModuleFileNameA
IsValidCodePage
VirtualQuery
TlsGetValue
SetHandleCount
EnterCriticalSection
TlsSetValue
SetComputerNameA
LeaveCriticalSection
GetTickCount
GetLocaleInfoA
GetCurrentThread
DeleteCriticalSection
GetStdHandle
MultiByteToWideChar
GetTimeFormatA
RtlUnwind
FreeEnvironmentStringsW
WriteConsoleA
GetLastError
ReadFile
TerminateProcess
VirtualFree
Sleep
GetFileType
GetSystemTimeAsFileTime
GetEnvironmentStringsW
GetConsoleOutputCP
FreeEnvironmentStringsA
GetStringTypeA
IsDebuggerPresent
InterlockedExchange
CompareStringW
CompareStringA
GlobalUnlock
FreeLibrary
GetEnvironmentStrings
GetStringTypeW
GetStartupInfoA
CreateMutexA
GetTimeZoneInformation
OpenMutexA
GetProfileSectionW
LCMapStringW
WideCharToMultiByte
TlsAlloc
GetFileAttributesA
MoveFileW
GetProcAddress
CloseHandle
VirtualAlloc
GetModuleHandleW
GetOEMCP
UnhandledExceptionFilter
GetCurrentProcess
HeapAlloc
HeapSize
CreateFileA
SetUnhandledExceptionFilter
SetStdHandle
ConnectNamedPipe
GetCPInfo
TlsFree
HeapDestroy
GetCurrentProcessId
InterlockedIncrement
EnumSystemLocalesA
SetFilePointer
SetEnvironmentVariableA
GetConsoleCP
WriteConsoleW
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetCompressedFileSizeW
lstrlen
SetConsoleCtrlHandler
GetDateFormatA
QueryPerformanceCounter
HeapReAlloc
ExitProcess
GetACP
InterlockedDecrement
HeapFree
GetConsoleTitleW
GetConsoleMode
OpenFileMappingA
LCMapStringA
WriteFile
GlobalFindAtomA
IsValidLocale
GetUserDefaultLCID
GetCommandLineA
WriteConsoleOutputCharacterW
GetLocaleInfoW
HeapCreate
SetLastError
GetModuleHandleA
GetLogicalDrives
FlushFileBuffers

comctl32

InitCommonControlsEx

Sections

.text
Size: 294KB - Virtual size: 294KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 71KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ceacb445fc5c403bae47d8ab362aa65c

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

comctl32

Sections

.text Size: 294KB - Virtual size: 294KB

.rdata Size: 71KB - Virtual size: 92KB

.data Size: 103KB - Virtual size: 103KB

.rsrc Size: 17KB - Virtual size: 17KB

.text
Size: 294KB - Virtual size: 294KB

.rdata
Size: 71KB - Virtual size: 92KB

.data
Size: 103KB - Virtual size: 103KB

.rsrc
Size: 17KB - Virtual size: 17KB