f6660afee6259afda42da4b6281b1dde_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f6660afee6259afda42da4b6281b1dde_JaffaCakes118
Size

156KB
MD5

f6660afee6259afda42da4b6281b1dde
SHA1

2b3182c22191bef1902a8baf785ab3d8754178d0
SHA256

c53c9a23c1c9838c37a45cb88e19ec577d49302b6cb8ab6d66f61ce60feefb37
SHA512

7ee6fd73fd12ad6abb0c67064ff9aa47c8a820d6649b0e068bb7bd5988d4a178639713607179bd74e90357b8c748e52e47b7593980279c36b5170087f1d50dd0
SSDEEP

3072:+FLfHGQEFDS2NQyFSqEzZfDDKqBnUhut3/ofSTWOYDP:+FrA+2NQ+atvoQWnDP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6660afee6259afda42da4b6281b1dde_JaffaCakes118

Files

f6660afee6259afda42da4b6281b1dde_JaffaCakes118
.exe windows:1 windows x86 arch:x86

a1cc6ea2658e2bd7665b5b5474cbe1a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleOutputCP
GetACP
WaitForMultipleObjects
MapViewOfFile
HeapCreate
QueryPerformanceCounter
MulDiv
SetEndOfFile
SearchPathA
GlobalAddAtomA
GetLastError
GetDriveTypeA
LoadLibraryA
ExitProcess
GetFileAttributesA
SetStdHandle
IsBadStringPtrA
GetLocaleInfoA
GetCurrentProcessId
TlsAlloc
lstrcmpA
lstrcpynA
UnhandledExceptionFilter
FormatMessageA
GetEnvironmentVariableA
TlsSetValue
GetFileTime
FileTimeToLocalFileTime
GetModuleFileNameA
lstrcatA
GetVersionExA
CreateThread
GetStringTypeW
IsBadReadPtr
ReadProcessMemory
PulseEvent
SetLastError
SizeofResource
RtlUnwind
Module32Next
GetStdHandle
GlobalUnlock
GetSystemTimeAsFileTime
GetConsoleCP
GetExitCodeThread
GetModuleHandleA
TerminateProcess
DuplicateHandle
FreeLibrary
GetCurrentThreadId
GetCurrentThread
GetCPInfo
WideCharToMultiByte
GetFileType
FreeEnvironmentStringsA
SetThreadAffinityMask
CreateProcessA
IsValidCodePage
GetDateFormatA
IsDebuggerPresent
GetStartupInfoA
HeapFree
FreeEnvironmentStringsW
GetVersion
GetOEMCP
CreateFileMappingA
GlobalLock
GlobalMemoryStatus
FileTimeToSystemTime
InterlockedDecrement
LCMapStringA
VirtualQueryEx
DeviceIoControl
SetHandleCount
EnterCriticalSection
FlushFileBuffers
HeapAlloc
CreateFileA
OpenProcess
SetUnhandledExceptionFilter
QueryPerformanceFrequency
HeapReAlloc
DeleteCriticalSection
GetThreadContext
VirtualAlloc
ResumeThread
GetProcessAffinityMask
GetSystemInfo
LocalFree
FindClose
CloseHandle
LoadLibraryW
GetTickCount

msvcrt

_wcsupr
_fileinfo
_gcvt
gets
wcstoul
rand
_wfindnext64
iswprint
_wrmdir
ldiv
_stricmp
memcpy
_wstat
_pwctype
_lrotr
__p__fmode
_setsystime
_wcsicoll
exp
_mbsnbcmp
exit
_itoa
_execv
_adj_fprem
_lock
_findfirst
wcspbrk
__setusermatherr
_seterrormode
_except_handler3
srand
_wenviron
_isnan
_mbctokata
gmtime
_wctime
_aligned_offset_realloc
_ftol
fputs
_mbsbtype
_stricoll
_wspawnvpe
_wcsset
_control87
_findnext64
_mbslwr
_ismbclower
_acmdln
feof
labs
atan2
_inpd
_wfsopen
iswxdigit
_utime64
_snwscanf
_XcptFilter
isgraph
_exit
_strlwr
_ftime
_safe_fdivr
_lseeki64
getenv
_flsbuf
vswprintf
_c_exit
_mbsnccnt
_isctype
_atodbl
_vscwprintf
_sys_errlist
_atoi64
__set_app_type
_fpreset
_logb
fscanf
_wfindfirst64
_wunlink
asin
_wfindnexti64
_controlfp
_getpid
_mbsnbset
wcsncpy
_vscprintf
_initterm
islower
vfwprintf
_commit
iswalpha
_outpd
_adj_fdivr_m32i
_wtof
raise
_tempnam
__getmainargs
strncat
__p__commode
_mbctolower
_unloaddll
_mbsnbcpy
fputws
_putch
_mbsspn
_fstati64
_fpieee_flt
_adjust_fdiv
_heapadd
memset
_mbsninc
_fileno
_getwch
_ismbcdigit
_strupr
_mbsncoll
iswgraph
strtoul
_mbctombb
frexp
putc
_nextafter
_wsearchenv
printf
strtok

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 85B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1cc6ea2658e2bd7665b5b5474cbe1a7

Headers

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 142KB - Virtual size: 142KB

.data Size: 512B - Virtual size: 85B

.rsrc Size: 512B - Virtual size: 284B

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 142KB - Virtual size: 142KB

.data
Size: 512B - Virtual size: 85B

.rsrc
Size: 512B - Virtual size: 284B