267f6f311845efc1ca54c13faeaab4ca_JaffaCakes118

General

Target

267f6f311845efc1ca54c13faeaab4ca_JaffaCakes118
Size

398KB
MD5

267f6f311845efc1ca54c13faeaab4ca
SHA1

0d48c577bcef73ef2d6a7882cd9daf0ce478c53d
SHA256

3a827bf99789d1aaf8c6791a7e9b98acd1eb97779c91c4ef31439dbf1babdeb6
SHA512

89e5b92182f2714b99ff63d9256d8d4999972ab0351117e6c54592c9e4c72a19faa5e8aa232990d594b636d59884bafda299c123a2e898f54245c1c398991b91
SSDEEP

768:w9Xtwu+jnoqchfF1EjjAihvL5DNpQPxPhyqVMK12/wal3JOS6B5D3DUgc1mVd5DU:Kiu+jJctaQPCKM/wVBx3wgcwdlg3B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
267f6f311845efc1ca54c13faeaab4ca_JaffaCakes118

Files

267f6f311845efc1ca54c13faeaab4ca_JaffaCakes118
.exe windows:0 windows x86 arch:x86

65da803dd178becf29b1c863968bccbc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddLocalAlternateComputerNameW
AreFileApisANSI
AssignProcessToJobObject
BaseCheckAppcompatCache
BaseCleanupAppcompatCacheSupport
BaseDumpAppcompatCache
BaseUpdateAppcompatCache
Beep
CancelDeviceWakeupRequest
CheckRemoteDebuggerPresent
CompareStringA
CreateActCtxA
CreateDirectoryExA
CreateFiber
CreateFileA
CreateFileMappingA
CreateJobObjectW
CreateMailslotW
CreateProcessInternalW
CreateProcessInternalWSecure
CreateRemoteThread
CreateThread
DeleteTimerQueueTimer
DnsHostnameToComputerNameA
DosPathToSessionPathA
EncodePointer
EnumLanguageGroupLocalesA
EnumResourceLanguagesA
EnumResourceNamesW
EnumSystemCodePagesW
EnumSystemGeoID
EnumSystemLanguageGroupsA
ExpandEnvironmentStringsA
ExpungeConsoleCommandHistoryW
FatalAppExitA
FillConsoleOutputAttribute
FindActCtxSectionStringW
FindAtomA
FindFirstVolumeMountPointW
FindNextChangeNotification
FindNextFileW
FindNextVolumeMountPointW
FlushInstructionCache
FoldStringA
FormatMessageA
FreeConsole
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeResource
GetCalendarInfoW
GetComPlusPackageInstallStatus
GetConsoleAliasesLengthA
GetConsoleCommandHistoryLengthW
GetConsoleFontInfo
GetConsoleInputExeNameW
GetConsoleNlsMode
GetConsoleProcessList
GetCurrentActCtx
GetCurrentDirectoryA
GetCurrentThread
GetDefaultCommConfigW
GetDevicePowerState
GetDllDirectoryA
GetFileAttributesExA
GetLocaleInfoA
GetLocaleInfoW
GetLogicalDriveStringsW
GetLongPathNameW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetNumberFormatW
GetOEMCP
GetProcAddress
GetProcessAffinityMask
GetProcessHandleCount
GetProcessHeap
GetProcessId
GetProcessIoCounters
GetShortPathNameA
GetStringTypeW
GetSystemDefaultLangID
GetThreadPriorityBoost
GetVolumeInformationA
GetVolumePathNameA
GlobalAddAtomW
GlobalAlloc
GlobalReAlloc
GlobalUnWire
Heap32ListNext
InterlockedCompareExchange
IsBadHugeWritePtr
IsValidUILanguage
IsWow64Process
LCMapStringW
LZCopy
LZDone
LoadLibraryA
LoadModule
LocalFree
LocalShrink
LocalUnlock
MapUserPhysicalPages
MulDiv
OpenEventW
OpenJobObjectA
OpenSemaphoreW
OutputDebugStringA
Process32Next
QueryDepthSList
RaiseException
ReadDirectoryChangesW
ReadFile
RegisterWaitForSingleObject
RequestWakeupLatency
RtlCaptureStackBackTrace
RtlFillMemory
SetCommBreak
SetCommConfig
SetComputerNameW
SetConsoleCursorInfo
SetConsoleMaximumWindowSize
SetConsoleOS2OemFormat
SetFirmwareEnvironmentVariableA
SetNamedPipeHandleState
SetSystemTime
SetThreadPriority
SetVolumeMountPointA
SetVolumeMountPointW
ShowConsoleCursor
Sleep
TerminateJobObject
TransmitCommChar
UpdateResourceW
VerSetConditionMask
VerifyVersionInfoA
WriteConsoleOutputCharacterA
lstrcmpi
lstrcmpiA
lstrcpyn

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65da803dd178becf29b1c863968bccbc

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 132KB - Virtual size: 131KB

.text
Size: 132KB - Virtual size: 131KB