f668a4b6eb408ed03f18c278e0261215_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f668a4b6eb408ed03f18c278e0261215_JaffaCakes118
Size

610KB
MD5

f668a4b6eb408ed03f18c278e0261215
SHA1

9b8bd7d102a5cf7a263170b19131082828d3160d
SHA256

992284e12a715a409a285359b7c3c6b56af78ad8962f31c756c1f65936020627
SHA512

1e35390fa482629507d305e25367a66c6240084e0bb0b7df3f46b044e79c2bd49ad3cbced04e85b51fadbf04cca00f834cfa5eefbad93582e0bcb074585950bc
SSDEEP

12288:xsu+GXe5aOxGrp/ZozyA9rtJ+sYQ2hz5p/8ceEodchg2Q+kdreoZI:xR+XhxD+s855p0ShgUoS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f668a4b6eb408ed03f18c278e0261215_JaffaCakes118

Files

f668a4b6eb408ed03f18c278e0261215_JaffaCakes118
.exe windows:4 windows x86 arch:x86

06e1616b93952550a51556da2fc6ccaa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
GetTimeZoneInformation
lstrlenA
LCMapStringW
GetProcAddress
HeapDestroy
HeapReAlloc
LoadLibraryW
EnterCriticalSection
GetLocaleInfoW
GetCurrentProcessId
OutputDebugStringA
CloseHandle
GetConsoleMode
OutputDebugStringW
SetHandleCount
WriteConsoleW
OpenWaitableTimerW
RaiseException
SetLastError
UnhandledExceptionFilter
SetEnvironmentVariableA
FlushFileBuffers
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileAttributesExA
GetLastError
WriteConsoleInputA
TlsGetValue
ExitProcess
GetTickCount
GlobalSize
MultiByteToWideChar
HeapFree
GetACP
GetModuleFileNameA
GetOEMCP
LoadLibraryA
QueryPerformanceCounter
WideCharToMultiByte
VirtualAlloc
UnlockFileEx
EnumSystemLocalesA
SetFilePointer
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
Sleep
GetCPInfo
GetConsoleOutputCP
GetEnvironmentStringsW
IsValidCodePage
SetConsoleCtrlHandler
GetUserDefaultLCID
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
GetCommandLineA
CreateFileA
GetProcessHeap
GetConsoleCP
GetCurrentThread
CompareStringW
LCMapStringA
InterlockedDecrement
SetUnhandledExceptionFilter
CompareStringA
GetEnvironmentStrings
IsValidLocale
TlsAlloc
GetTimeFormatA
LeaveCriticalSection
GetFileType
ReleaseMutex
InterlockedExchange
GetModuleFileNameW
SetStdHandle
WriteConsoleA
InterlockedIncrement
DeleteCriticalSection
DebugBreak
HeapValidate
GetStringTypeW
HeapAlloc
IsDebuggerPresent
HeapLock
ExpandEnvironmentStringsW
GetStringTypeA
WriteFile
GetModuleHandleA
IsBadReadPtr
GetLocaleInfoA
GetStartupInfoA
RtlUnwind
VirtualFree
TlsFree
SetVolumeLabelW
HeapCreate
GetDateFormatA
GetVolumeInformationW
FreeLibrary
FreeEnvironmentStringsW
HeapSize
VirtualQuery
TlsSetValue

gdi32

AddFontResourceA
TranslateCharsetInfo
GetEnhMetaFilePaletteEntries
GetMapMode
CloseFigure
ExtCreateRegion
GetStockObject
Polyline
LPtoDP
SetTextColor
SetBkMode
PaintRgn
RemoveFontResourceW
GetCharWidth32A
GetDeviceCaps
CancelDC
PolylineTo
SetBrushOrgEx
InvertRgn
SetWindowExtEx
GetObjectType
DeleteColorSpace
CreateRectRgn

Sections

.text
Size: 281KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

06e1616b93952550a51556da2fc6ccaa

Headers

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 281KB - Virtual size: 280KB

.data Size: 314KB - Virtual size: 314KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 281KB - Virtual size: 280KB

.data
Size: 314KB - Virtual size: 314KB

.rsrc
Size: 13KB - Virtual size: 13KB