0906841c61538ee8ee5798d50f94538d_JaffaCakes118

General

Target

0906841c61538ee8ee5798d50f94538d_JaffaCakes118
Size

432KB
MD5

0906841c61538ee8ee5798d50f94538d
SHA1

86fc2431267a93c5ab722b00247f1f441a24a963
SHA256

12e02fefa9d6a96a3e3e0fc9c803fd90a0f4f0ee37f6e2e792690aba8a92127c
SHA512

ba7c00857dad39a36beb17de1c4b72d5386c88066822a3498c51f7caa4f962395115fe366f3682b1efb47649e5e977823796c4568bcc17cdd6e6419a5f5b10fb
SSDEEP

12288:NwbuyD9v1e3zE/nDvNrIHrxhDFDBhDtV5r6sC1elJuqkO:Gb/v1fTNrILx/kYak

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0906841c61538ee8ee5798d50f94538d_JaffaCakes118

Files

0906841c61538ee8ee5798d50f94538d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

196bab3aaa3d260be0db453bb32e9078

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadReadPtr
SetFilePointer
SetLastError
FlushFileBuffers
GetProcAddress
SetStdHandle
HeapReAlloc
TlsFree
FreeEnvironmentStringsA
InterlockedDecrement
GetCurrentProcessId
HeapAlloc
LeaveCriticalSection
GetOEMCP
WideCharToMultiByte
GetModuleHandleA
TlsAlloc
OpenMutexW
CreateMutexW
VirtualFree
GetStringTypeA
MultiByteToWideChar
GetACP
LCMapStringW
TlsGetValue
EnumTimeFormatsA
HeapValidate
FreeLibrary
GetUserDefaultLangID
ExitProcess
GetTickCount
CreateFileW
OutputDebugStringA
HeapFree
GetEnvironmentStrings
GetModuleFileNameA
IsBadWritePtr
LoadLibraryA
QueryPerformanceCounter
GetCurrentThread
VirtualAlloc
IsValidLocale
FreeEnvironmentStringsW
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetEnvironmentStringsW
GetStartupInfoA
HeapCreate
WriteFile
EnumResourceLanguagesA
SetHandleCount
GetCPInfo
GetSystemTimeAsFileTime
GetFileType
DeleteCriticalSection
LocalCompact
GetLastError
GetStdHandle
DebugBreak
UnhandledExceptionFilter
TlsSetValue
LCMapStringA
CloseHandle
GetStringTypeW
GetCommandLineA
GetVersion
SetConsoleCtrlHandler
EnterCriticalSection
HeapDestroy
ReadConsoleW
InterlockedExchange
InterlockedIncrement
InitializeCriticalSection

wininet

InternetSetDialStateW
FtpDeleteFileW
DetectAutoProxyUrl
InternetTimeToSystemTimeA
InternetGetCookieW
ShowClientAuthCerts
InternetWriteFile

Sections

.text
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 274KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

196bab3aaa3d260be0db453bb32e9078

Headers

File Characteristics

Imports

kernel32

wininet

Sections

.text Size: 147KB - Virtual size: 146KB

.data Size: 274KB - Virtual size: 274KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 147KB - Virtual size: 146KB

.data
Size: 274KB - Virtual size: 274KB

.rsrc
Size: 9KB - Virtual size: 9KB