ddbaa3fb2b0b033177025978e71a5666_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ddbaa3fb2b0b033177025978e71a5666_JaffaCakes118
Size

428KB
MD5

ddbaa3fb2b0b033177025978e71a5666
SHA1

71aa2a4b6ef1fc1a8db1df440448313b1da5426c
SHA256

532949c10631635b06dadeda78f21176d4b5a5cbe92b4094b9895edb77ad69ef
SHA512

ef84419943da93e59d5c498bb79ce9f717d00489faa83ec91f75aa961fa082b7f5801f3e2a9f58786a031db4d8f66f8d57abdcb289abb9346360b5e49a3a210a
SSDEEP

12288:/7unTtahedrkH/tvtLlx2vLyOqUU5VWnncRe3:/6IokAyOqUAJe3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ddbaa3fb2b0b033177025978e71a5666_JaffaCakes118

Files

ddbaa3fb2b0b033177025978e71a5666_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9042496c96241d5b1d453c4f61478041

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
GetTimeFormatA
GetUserDefaultLCID
SetEnvironmentVariableA
GetProcAddress
GetVersionExA
HeapReAlloc
SetLastError
UnlockFile
GetLocaleInfoW
GetCurrentProcessId
TlsFree
WriteProfileSectionW
GetCommandLineA
TlsGetValue
WriteFile
HeapCreate
CreateDirectoryW
TlsSetValue
IsValidLocale
GetDateFormatA
VirtualProtect
CompareStringW
GetStdHandle
InitializeCriticalSection
GetExitCodeThread
GetLastError
GetConsoleScreenBufferInfo
UnhandledExceptionFilter
ExitProcess
GetTickCount
FoldStringW
TlsAlloc
HeapFree
FreeEnvironmentStringsA
GetModuleFileNameA
GetStartupInfoA
LoadLibraryA
QueryPerformanceCounter
EnumSystemLocalesA
VirtualAlloc
EnumDateFormatsW
CompareStringA
WideCharToMultiByte
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
FreeEnvironmentStringsW
GetCommandLineW
GetEnvironmentStringsW
LCMapStringW
VirtualFree
GetTimeZoneInformation
DeleteCriticalSection
GetSystemTimeAsFileTime
GetACP
IsDebuggerPresent
GetUserDefaultLangID
GetCPInfo
GetCurrentThread
OpenMutexA
MultiByteToWideChar
IsBadWritePtr
GetStartupInfoW
SetLocaleInfoW
GetEnvironmentStrings
LeaveCriticalSection
CreateThread
GetSystemInfo
SetHandleCount
GetFileType
GlobalAddAtomA
InterlockedExchange
GetModuleFileNameW
GetLocaleInfoA
EnterCriticalSection
IsValidCodePage
HeapSize
GetConsoleTitleA
HeapDestroy
GetStringTypeW
HeapAlloc
LCMapStringA
ConnectNamedPipe
GetDateFormatW
GetStringTypeA
VirtualQuery
GetModuleHandleA

shell32

SHFormatDrive
SHBrowseForFolder
SHUpdateRecycleBinIcon
ExtractIconA
DoEnvironmentSubstA
SHQueryRecycleBinW
SheChangeDirExW
DoEnvironmentSubstW
DragQueryPoint
ShellHookProc
SHAddToRecentDocs

Sections

.text
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 274KB - Virtual size: 286KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9042496c96241d5b1d453c4f61478041

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 145KB - Virtual size: 145KB

.data Size: 274KB - Virtual size: 286KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 145KB - Virtual size: 145KB

.data
Size: 274KB - Virtual size: 286KB

.rsrc
Size: 8KB - Virtual size: 7KB