109fd150a4bd149ab1027e28c38f898f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

109fd150a4bd149ab1027e28c38f898f_JaffaCakes118
Size

609KB
MD5

109fd150a4bd149ab1027e28c38f898f
SHA1

1af2022d7e37c760a9786a9163c64e85302073f9
SHA256

cda8f0e7d51ef20f21fc94ee8a72406a7bf0904b95f1df60d4d2df776a327ced
SHA512

0cc1560336e4578cbddfa97dbe9b1ea153b90fc56d8088d2e2e32f86c98b206581ce82096e32885f3e96bf9d34a8b53aee37ab158d88cb46cc669198f3f660cb
SSDEEP

12288:R9d72m/Zs6h/A1pkyNzbmYil85VDV4ffnX38NQC27Gq8EbBbBi0ZE:RLxpho8WnJilYVOfvH8NG7VZy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
109fd150a4bd149ab1027e28c38f898f_JaffaCakes118

Files

109fd150a4bd149ab1027e28c38f898f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f75e906847760092802c24971b115914

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
GetFileType
TlsAlloc
GetUserDefaultLCID
GetProcAddress
GetLocaleInfoW
HeapReAlloc
HeapCreate
GetNumberFormatA
GetCommandLineA
GetCurrentProcessId
HeapValidate
GetThreadLocale
DeleteCriticalSection
InitializeCriticalSection
IsValidLocale
SetStdHandle
GetDriveTypeA
InterlockedDecrement
LCMapStringA
SetConsoleCtrlHandler
IsBadReadPtr
GetLogicalDriveStringsA
GetCurrentThread
GetProcessHeap
GetSystemDefaultLCID
GetACP
GetAtomNameW
OutputDebugStringW
ExitProcess
GetTickCount
GetExitCodeProcess
HeapDestroy
HeapFree
CompareStringA
GetModuleFileNameA
WriteFile
LoadLibraryA
lstrlenA
SetHandleCount
VirtualAlloc
LoadLibraryExW
IsDebuggerPresent
IsValidCodePage
GetCurrentProcess
TerminateProcess
WriteConsoleW
LoadLibraryW
CompareStringW
EnterCriticalSection
FreeEnvironmentStringsW
GetStringTypeW
WriteConsoleA
GetLastError
TlsSetValue
GetSystemTimeAsFileTime
CreateFileA
WriteProfileSectionW
GetNamedPipeInfo
DebugBreak
EnumSystemLocalesA
EnumResourceNamesA
GetTimeZoneInformation
GetStartupInfoA
LeaveCriticalSection
LoadLibraryExA
FreeEnvironmentStringsA
GetTimeFormatA
MultiByteToWideChar
GetEnvironmentStringsW
GetVersionExA
WideCharToMultiByte
GlobalAlloc
InterlockedExchange
GetCommandLineW
LCMapStringW
SetLastError
GetStartupInfoW
FindNextFileW
SetConsoleOutputCP
GetOEMCP
GetEnvironmentStrings
HeapAlloc
GetStringTypeA
lstrcpynW
UnhandledExceptionFilter
GetDateFormatA
SetUnhandledExceptionFilter
GetModuleHandleA
GetStdHandle
GetCPInfo
GetConsoleOutputCP
TlsFree
SetEnvironmentVariableA
OutputDebugStringA
lstrcmpA
GetLocaleInfoA
TlsGetValue
SetFilePointer
CloseHandle
GetWindowsDirectoryA
GetModuleFileNameW
VirtualQuery
RaiseException
RtlUnwind
FlushFileBuffers
WriteConsoleInputW
QueryPerformanceCounter
FreeLibrary
InterlockedIncrement
GetCurrentThreadId
GetConsoleMode
VirtualFree

wininet

FtpGetCurrentDirectoryW

Sections

.text
Size: 288KB - Virtual size: 287KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f75e906847760092802c24971b115914

Headers

File Characteristics

Imports

kernel32

wininet

Sections

.text Size: 288KB - Virtual size: 287KB

.data Size: 314KB - Virtual size: 313KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 288KB - Virtual size: 287KB

.data
Size: 314KB - Virtual size: 313KB

.rsrc
Size: 6KB - Virtual size: 5KB