Static task: static1
Behavioral task: behavioral1
Sample: 06ae11c9ca47e37bbfaa387974acc3e4_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 06ae11c9ca47e37bbfaa387974acc3e4_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 06ae11c9ca47e37bbfaa387974acc3e4_JaffaCakes118
Size: 250KB
MD5: 06ae11c9ca47e37bbfaa387974acc3e4
SHA1: 7282234ed1fe67cb2871f292d4668509ea767504
SHA256: f6f392afa27853840116f4b8e7d4f71ec8355db250794ceb453a77a911016377
SHA512: 94f393e53edffe801832abe0b0888044e8394f8d7458bc7093daa7c5e4cfa05cbc855dd582647f84dfefdc5920bd96a42c5fa86d58eb1bc303a6072b2f53fe58
SSDEEP: 6144:qNgVbSnqIMQNWkVbI2HbP5BAlcfuqJIcUUFD9z7M:UPqIDbHNBQyIel7
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 06ae11c9ca47e37bbfaa387974acc3e4_JaffaCakes118
Files
06ae11c9ca47e37bbfaa387974acc3e4_JaffaCakes118.exe windows:4 windows x86 arch:x86
e918f69e73950a305469b7efd056cd20
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetFileType
GetStdHandle
WideCharToMultiByte
IsValidCodePage
GetProcAddress
GetTimeFormatA
HeapReAlloc
LCMapStringA
CreateFileMappingA
GetEnvironmentStrings
GetCurrentProcessId
LeaveCriticalSection
OpenSemaphoreW
EnterCriticalSection
MultiByteToWideChar
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetMailslotInfo
SetConsoleCtrlHandler
Sleep
WriteFile
SetHandleCount
GetPriorityClass
GetLocaleInfoW
GetVersionExA
FreeLibrary
GetCurrentThread
AddAtomW
VirtualFree
ExitProcess
GetTickCount
ReadConsoleOutputCharacterA
LCMapStringW
HeapFree
FindResourceExW
GetModuleFileNameA
GetLastError
LoadLibraryA
QueryPerformanceCounter
GetVersionExW
VirtualAlloc
GetCalendarInfoW
WritePrivateProfileStructW
SetLastError
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
TlsGetValue
CompareStringA
EnumSystemLocalesA
GetCPInfo
InterlockedDecrement
SetEnvironmentVariableA
GetStringTypeA
FindFirstFileA
GetSystemTimeAsFileTime
CompareStringW
FindNextFileW
WriteProfileStringA
DeleteCriticalSection
FreeEnvironmentStringsA
SetConsoleTitleA
IsDebuggerPresent
HeapCreate
TlsFree
GlobalAddAtomA
GetACP
InterlockedIncrement
TlsSetValue
GetStartupInfoA
IsValidLocale
GetCommandLineA
GetSystemInfo
InterlockedExchange
GetEnvironmentStringsW
TlsAlloc
EnumResourceTypesA
HeapDestroy
GlobalUnlock
WaitNamedPipeW
GetUserDefaultLCID
GetProcessHeap
HeapAlloc
InitializeCriticalSection
PulseEvent
ResetEvent
GetOEMCP
VirtualQuery
GetModuleHandleA
HeapSize
GetDateFormatA
GetLocaleInfoA
RtlUnwind
FlushConsoleInputBuffer
UnhandledExceptionFilter
SetTimeZoneInformation
GetStringTypeW
FreeEnvironmentStringsW
wininet
FindNextUrlCacheContainerA
FindNextUrlCacheEntryW
FtpCommandA
InternetSecurityProtocolToStringA
DeleteUrlCacheEntry
FtpSetCurrentDirectoryW
InternetGetCookieA
InternetConfirmZoneCrossing
InternetGetConnectedStateExW
HttpAddRequestHeadersA
FtpRemoveDirectoryA
InternetCrackUrlW
FtpFindFirstFileA
GetUrlCacheEntryInfoExW
FindNextUrlCacheEntryA
InternetOpenW
FtpOpenFileA
FreeUrlCacheSpaceA
HttpQueryInfoW
InternetGetCertByURL
FtpRenameFileA
InternetCombineUrlA
Sections
.text Size: 125KB - Virtual size: 124KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 113KB - Virtual size: 112KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ