0a9eb75178e0ec0bce8912454ec4b07e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0a9eb75178e0ec0bce8912454ec4b07e_JaffaCakes118
Size

478KB
MD5

0a9eb75178e0ec0bce8912454ec4b07e
SHA1

b29d00b7e13a7753ca68581ccede96286f14a607
SHA256

0a31db0375599b134b2bbb6136d9fc94f7226ac50807afe6732cbbaa747e725a
SHA512

8779289ef3f78be9e741aed88ba133ca7b0795b1ed9bf78bf8b2d09b7ed63fef735b67fc54e0ac773b302b3260485ddf557a92c6e73a0d83f108d9422c9ea9d1
SSDEEP

12288:JhWnTZbiMYQ6eUwobOwAGxwQh/q7SsreYZD9ui8DOc9y5vPtetqOI:J4DYJemhxN/iSs327lylFetRI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a9eb75178e0ec0bce8912454ec4b07e_JaffaCakes118

Files

0a9eb75178e0ec0bce8912454ec4b07e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6cd6d864395cb59fe4d0613ead0c9959

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
IsBadWritePtr
IsValidLocale
TlsAlloc
GetProcAddress
LCMapStringA
HeapReAlloc
TlsGetValue
GetCommandLineW
GetUserDefaultLCID
GetCurrentProcessId
UnhandledExceptionFilter
FlushFileBuffers
GetOEMCP
VirtualFree
GetModuleHandleA
LCMapStringW
FindNextChangeNotification
VirtualProtect
SetEnvironmentVariableA
GetStdHandle
WriteFile
GetDateFormatA
InitializeCriticalSection
MultiByteToWideChar
EnumSystemLocalesA
GetTimeFormatA
DeleteCriticalSection
CreatePipe
ExitProcess
GetTickCount
DebugBreak
TlsSetValue
HeapFree
GetLastError
GetModuleFileNameA
HeapDestroy
LoadLibraryA
QueryPerformanceCounter
GetFileType
VirtualAlloc
ResetEvent
GetCurrentThread
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetLocaleInfoA
GetStartupInfoA
GetStringTypeW
SetHandleCount
WideCharToMultiByte
IsValidCodePage
GetEnvironmentStrings
GetSystemTimeAsFileTime
GetLocaleInfoW
GetACP
GetEnvironmentStringsA
GetModuleFileNameW
GetStartupInfoW
FreeEnvironmentStringsW
SetStdHandle
OutputDebugStringA
HeapValidate
FreeEnvironmentStringsA
GetStringTypeA
SetLastError
EnterCriticalSection
IsBadReadPtr
TlsFree
GetSystemInfo
CloseHandle
InterlockedExchange
GetVersionExA
GetTimeZoneInformation
GetEnvironmentStringsW
SetConsoleCtrlHandler
GetCommandLineA
GetCPInfo
LeaveCriticalSection
InterlockedIncrement
HeapAlloc
SetFilePointer
CompareStringW
CompareStringA
InterlockedDecrement

shell32

SHQueryRecycleBinA
ExtractAssociatedIconA
SheChangeDirExW
SHGetDataFromIDListW
ShellExecuteExA
ExtractAssociatedIconExW
CommandLineToArgvW
FreeIconList
DragQueryFileAorW
InternalExtractIconListW
FindExecutableW
SHBrowseForFolderW
SHEmptyRecycleBinW
SHChangeNotify
SHGetSpecialFolderPathA
DoEnvironmentSubstW
SHGetSpecialFolderLocation
SHQueryRecycleBinW
ShellExecuteA
CheckEscapesW
SHGetFileInfoA

Sections

.text
Size: 182KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 281KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6cd6d864395cb59fe4d0613ead0c9959

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 182KB - Virtual size: 182KB

.data Size: 281KB - Virtual size: 281KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 182KB - Virtual size: 182KB

.data
Size: 281KB - Virtual size: 281KB

.rsrc
Size: 13KB - Virtual size: 12KB