0616879b193f7e973972dff62047c9ff_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0616879b193f7e973972dff62047c9ff_JaffaCakes118
Size

504KB
MD5

0616879b193f7e973972dff62047c9ff
SHA1

f6244f675d9659be7bcd32dd0bb7f5ba38ab7c6f
SHA256

0c2c7fe7efac8df0c9e2c181a4c3d1be4dd434da696ab9c903461be545010508
SHA512

114851b35b918f4a49c1c7317253f3c9f59a067a9531c0c09d1ba11025ab8cb35fb3ddce443daadaa5a21aae010cbec4c9bee414308c93b3d4c5dec1accafe41
SSDEEP

12288:Qee8Dj1t6UQgrXMkfuhiUWUgUYMXDYMBqro3oDsj4:QeeYj1t6UNfiiUWXc+ro4a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0616879b193f7e973972dff62047c9ff_JaffaCakes118

Files

0616879b193f7e973972dff62047c9ff_JaffaCakes118
.exe windows:4 windows x86 arch:x86

607086d1ddfbd26b20c3d8442a6736ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
GetTickCount
CloseHandle
GetLocalTime
LoadLibraryA
VirtualFree
TerminateThread
GetModuleHandleW
GetProcAddress
VirtualAlloc
GetLastError
SetStdHandle
GetLocaleInfoA
ResetEvent
Sleep
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
EnterCriticalSection
LeaveCriticalSection
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
GetModuleFileNameA
RtlUnwind
IsBadWritePtr
IsBadReadPtr
HeapValidate
TerminateProcess
GetCurrentProcess
ExitProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
HeapDestroy
HeapCreate
HeapFree
MultiByteToWideChar
VirtualProtect
GetSystemInfo
VirtualQuery
HeapAlloc
HeapReAlloc
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
FlushFileBuffers
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
ReadFile
RaiseException
LCMapStringA
LCMapStringW
SetFilePointer
GetStringTypeA
GetStringTypeW

user32

SetFocus
SendMessageA
MessageBoxA
LoadIconA
GetDesktopWindow
ReleaseDC

ole32

CoInitialize

avifil32

AVIMakeFileFromStreams

winscard

SCardCancel
SCardConnectA

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xcode
Size: 372KB - Virtual size: 371KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

607086d1ddfbd26b20c3d8442a6736ba

Headers

File Characteristics

Imports

kernel32

user32

ole32

avifil32

winscard

Sections

.text Size: 80KB - Virtual size: 76KB

.xcode Size: 372KB - Virtual size: 371KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 16KB - Virtual size: 19KB

.rsrc Size: 20KB - Virtual size: 404KB

.text
Size: 80KB - Virtual size: 76KB

.xcode
Size: 372KB - Virtual size: 371KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 16KB - Virtual size: 19KB

.rsrc
Size: 20KB - Virtual size: 404KB