07699d8b9746a02621769dba42cfa933_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

07699d8b9746a02621769dba42cfa933_JaffaCakes118
Size

484KB
MD5

07699d8b9746a02621769dba42cfa933
SHA1

d850e902186cf445fcc2fd025974698dce181cb7
SHA256

dde66a23e1eb784485e7ec9a9b4cfeb603034e9a63b4414daeeede9f79ec4e2f
SHA512

3090f262beab057de916f2b6cba804325473b1bf7470610840ac5b36c2d29b5f6ea45187662ffc2ce4bb53b556d3063f46fc277b344bdc991b0aea7c38963b99
SSDEEP

6144:HFmbxe4KdZY4YblDo98SJlDxDlV2mXmm9b4GtqZktHQyEzxJA2vgqNkZSXuXQzm4:wbdNTpDoVTnf9N+khQt+qu2bRh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07699d8b9746a02621769dba42cfa933_JaffaCakes118

Files

07699d8b9746a02621769dba42cfa933_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9d42e9c32f64afc9529b47a6bcc6747a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsW
GetTimeFormatA
GetSystemTimeAdjustment
OpenSemaphoreW
GetProcessHeap
CompareStringA
HeapAlloc
LoadLibraryA
TlsAlloc
LeaveCriticalSection
TlsSetValue
GetEnvironmentStringsW
GetNumberFormatW
GetCPInfo
SetUnhandledExceptionFilter
Sleep
FreeLibrary
GetStdHandle
GetStringTypeA
LCMapStringA
SetHandleCount
GetDateFormatA
GetStringTypeW
GetEnvironmentStrings
SetThreadContext
GetVersionExA
TlsGetValue
GetStartupInfoW
GetProcAddress
DeleteCriticalSection
GetStartupInfoA
WideCharToMultiByte
lstrcmpiW
GetCurrentThread
WritePrivateProfileStringA
HeapCreate
VirtualQuery
LCMapStringW
VirtualFree
SetConsoleCtrlHandler
GetACP
HeapSize
TlsFree
GetOEMCP
HeapReAlloc
IsValidLocale
ExitProcess
CompareStringW
GetPrivateProfileStructA
VirtualAlloc
WriteFile
QueryPerformanceCounter
GetCurrentProcess
InterlockedIncrement
GetModuleHandleA
GetLocaleInfoA
InitializeCriticalSection
InterlockedDecrement
GetCurrentThreadId
SetEnvironmentVariableA
UnhandledExceptionFilter
GetCommandLineW
GetLocaleInfoW
GetCurrentProcessId
GetModuleFileNameA
IsDebuggerPresent
GetCommandLineA
GetTempPathA
GetTickCount
GetUserDefaultLCID
FreeEnvironmentStringsA
GetLastError
SetLastError
MultiByteToWideChar
RtlUnwind
GetFileType
GetSystemTimeAsFileTime
InterlockedExchange
IsValidCodePage
EnumSystemLocalesA
EnterCriticalSection
GetModuleFileNameW
ReadConsoleOutputA
GetTimeZoneInformation
HeapDestroy
HeapFree
TerminateProcess

shell32

ShellExecuteW
ExtractIconExA
CheckEscapesW
DoEnvironmentSubstA
SHEmptyRecycleBinA
SHQueryRecycleBinW
SHLoadInProc

advapi32

RegOpenKeyExW
CryptEnumProviderTypesA
CryptSetHashParam
CryptGenRandom

comdlg32

PrintDlgW
ChooseColorA
GetOpenFileNameW
FindTextW
GetSaveFileNameW
GetSaveFileNameA
ReplaceTextA
PageSetupDlgA
ChooseFontA
GetFileTitleA
FindTextA
PrintDlgA
LoadAlterBitmap
GetFileTitleW
ChooseColorW
GetOpenFileNameA
ChooseFontW

Sections

.text
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 311KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9d42e9c32f64afc9529b47a6bcc6747a

Headers

File Characteristics

Imports

kernel32

shell32

advapi32

comdlg32

Sections

.text Size: 163KB - Virtual size: 162KB

.data Size: 312KB - Virtual size: 311KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 163KB - Virtual size: 162KB

.data
Size: 312KB - Virtual size: 311KB

.rsrc
Size: 8KB - Virtual size: 7KB