12822d0659b0c0262fceea545e366165_JaffaCakes118

General

Target

12822d0659b0c0262fceea545e366165_JaffaCakes118
Size

367KB
MD5

12822d0659b0c0262fceea545e366165
SHA1

80612d4e73e1676d9488c68db308b90c878e47e4
SHA256

6e2f44096ee42e06c3d5a9e05bf842d4d50ef71d3dbd5519d238c919e2d07399
SHA512

cafcc42341cfd7c905dd8147f7c603f91c35e74fd3ea8c4559bb2095582bbef80c2e0ed4613969439d4b2f2602fcb0c4e819f36d35c68fcc6d3f8af895dc05f9
SSDEEP

768:yOB5TJkIQFaorydG7OdDnP98PDPhyqVig2IrR7bAM:PTJkIQFHNLPmIrR4M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12822d0659b0c0262fceea545e366165_JaffaCakes118

Files

12822d0659b0c0262fceea545e366165_JaffaCakes118
.exe windows:0 windows x86 arch:x86

6d77185691e06adcec6a270efbc1a8c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ActivateActCtx
AddAtomA
AddAtomW
BackupWrite
BaseCheckAppcompatCache
BaseFlushAppcompatCache
BaseInitAppcompatCache
BaseProcessInitPostImport
BaseQueryModuleData
BindIoCompletionCallback
BuildCommDCBAndTimeoutsW
ContinueDebugEvent
ConvertFiberToThread
CopyFileW
CreateActCtxA
CreateDirectoryExA
CreateDirectoryExW
CreateFileA
CreateHardLinkW
CreateNlsSecurityDescriptor
CreateProcessInternalWSecure
CreateTimerQueueTimer
CreateToolhelp32Snapshot
DebugActiveProcess
DebugBreak
DecodePointer
DefineDosDeviceW
DnsHostnameToComputerNameA
DosDateTimeToFileTime
EncodeSystemPointer
EnumTimeFormatsW
ExpandEnvironmentStringsA
FatalAppExitA
FatalExit
FillConsoleOutputCharacterA
FoldStringW
FormatMessageW
FreeConsole
FreeLibraryAndExitThread
GetAtomNameA
GetCPFileNameFromRegistry
GetCPInfo
GetCommState
GetCommTimeouts
GetConsoleAliasW
GetConsoleAliasesA
GetConsoleAliasesLengthA
GetConsoleInputWaitHandle
GetConsoleWindow
GetCurrentDirectoryW
GetCurrentProcessId
GetDefaultCommConfigA
GetDefaultCommConfigW
GetDiskFreeSpaceExW
GetDriveTypeW
GetHandleContext
GetHandleInformation
GetModuleFileNameA
GetModuleHandleA
GetNamedPipeHandleStateW
GetNextVDMCommand
GetPrivateProfileStructA
GetPrivateProfileStructW
GetProcAddress
GetProcessIoCounters
GetProcessShutdownParameters
GetProfileIntW
GetProfileStringW
GetQueuedCompletionStatus
GetSystemDefaultLCID
GetSystemDefaultUILanguage
GetSystemRegistryQuota
GetSystemTimes
GetSystemWow64DirectoryW
GetThreadContext
GetThreadTimes
GetVolumePathNameW
GetVolumePathNamesForVolumeNameW
GlobalMemoryStatusEx
Heap32First
HeapExtend
HeapLock
HeapQueryTagW
HeapSummary
InitializeCriticalSectionAndSpinCount
InterlockedExchange
InterlockedFlushSList
InterlockedIncrement
LZOpenFileA
LoadLibraryA
LoadLibraryW
LoadModule
LoadResource
LocalAlloc
LocalCompact
LocalLock
LockFile
MapUserPhysicalPages
MoveFileExW
MoveFileWithProgressW
NlsGetCacheUpdateCount
NlsResetProcessLocale
OpenSemaphoreW
PeekConsoleInputW
PostQueuedCompletionStatus
QueryPerformanceCounter
QueryPerformanceFrequency
QueryWin31IniFilesMappedToRegistry
ReadConsoleOutputA
ReadFile
RegisterConsoleOS2
RemoveLocalAlternateComputerNameA
RtlFillMemory
SetCalendarInfoA
SetCommMask
SetComputerNameW
SetConsoleCommandHistoryMode
SetConsoleMenuClose
SetConsoleOutputCP
SetConsolePalette
SetConsoleTitleA
SetConsoleWindowInfo
SetProcessAffinityMask
SetProcessPriorityBoost
SetSystemTime
SetUnhandledExceptionFilter
SetVDMCurrentDirectories
SignalObjectAndWait
TzSpecificLocalTimeToSystemTime
ValidateLocale
VirtualAllocEx
VirtualFree
WaitForSingleObject
WaitNamedPipeW
WideCharToMultiByte
WriteFileEx
WriteProfileStringA
lstrcpy

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d77185691e06adcec6a270efbc1a8c6

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 132KB - Virtual size: 131KB

.text
Size: 132KB - Virtual size: 131KB