0e689ac96913bf1e14271f6e923a1617_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0e689ac96913bf1e14271f6e923a1617_JaffaCakes118
Size

243KB
MD5

0e689ac96913bf1e14271f6e923a1617
SHA1

936ec42a4297656496d3792ac808455015361137
SHA256

ca0004c05158251327f6b4e132678ca9fdf2d10a56fb99b32d9003a1e20446b9
SHA512

d642aff4f81ba90636f7fc2fba61e8046bb0484bf60429790e8d97a3524faccb1872a35c21c4096e40d4d3f0b0b120b98ea51ff5b44c1385a68b2f5a0e864eb9
SSDEEP

6144:CP1Th2XcupJaYbOrqEbbkUowqmSSAzsE64w1lmiMYs:WThL1YbOrqEbQUjSSWsE631l+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e689ac96913bf1e14271f6e923a1617_JaffaCakes118

Files

0e689ac96913bf1e14271f6e923a1617_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d8cbf6fe39c907480c162441f7f47164

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
GetCPInfo
TlsFree
FreeEnvironmentStringsA
RtlUnwind
InitializeCriticalSection
EnumSystemLocalesA
GetCurrentProcess
GetUserDefaultLCID
VirtualAlloc
UnhandledExceptionFilter
SetLastError
HeapReAlloc
GetStringTypeW
SetConsoleCP
GetStringTypeA
GetEnvironmentStringsW
TlsSetValue
GetModuleFileNameA
GetLastError
HeapSize
ExitProcess
GetOEMCP
HeapDestroy
IsValidLocale
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetVersionExA
GetEnvironmentStrings
LeaveCriticalSection
QueryPerformanceCounter
EnumCalendarInfoA
WriteFile
CompareStringW
WideCharToMultiByte
GetCurrentThreadId
GetDateFormatA
HeapAlloc
GetTimeFormatA
HeapFree
GetComputerNameA
VirtualFree
GetCurrentProcessId
EnterCriticalSection
IsBadWritePtr
HeapCreate
SetFilePointer
LCMapStringW
GetCurrentThread
GetStartupInfoA
IsValidCodePage
GetFileType
SetHandleCount
TlsGetValue
SetCurrentDirectoryA
FreeEnvironmentStringsW
GetModuleHandleA
AddAtomW
GetLocaleInfoW
DeleteCriticalSection
GetConsoleScreenBufferInfo
VirtualProtect
CompareStringA
GlobalUnfix
GetCommandLineA
LCMapStringA
GetProcAddress
GetStdHandle
GetSystemInfo
GetACP
TlsAlloc
InterlockedExchange
MultiByteToWideChar
TerminateProcess
GetTimeZoneInformation
VirtualQuery
SetEnvironmentVariableA

gdi32

SetBitmapDimensionEx
EnumFontFamiliesA
StrokePath
gdiPlaySpoolStream
GetGlyphOutlineW
IntersectClipRect
SetRectRgn
RemoveFontResourceW
CreateColorSpaceA
ChoosePixelFormat
TextOutW
GetBoundsRect
SetFontEnumeration
GetMetaRgn
GetCharacterPlacementA
CreatePenIndirect
StartPage
PlgBlt
GetCharABCWidthsA
SetAbortProc
ExcludeClipRect
GetCharABCWidthsFloatA
GetRegionData
FrameRgn
CreatePolyPolygonRgn

comdlg32

PrintDlgA
GetSaveFileNameA
ChooseFontW
GetOpenFileNameA
FindTextW
PrintDlgW

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 135KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8cbf6fe39c907480c162441f7f47164

Headers

File Characteristics

Imports

kernel32

gdi32

comdlg32

Sections

.text Size: 101KB - Virtual size: 101KB

.data Size: 135KB - Virtual size: 162KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 101KB - Virtual size: 101KB

.data
Size: 135KB - Virtual size: 162KB

.rsrc
Size: 6KB - Virtual size: 5KB