2729aaa8283019195acd4b1d04d1ac3b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2729aaa8283019195acd4b1d04d1ac3b_JaffaCakes118
Size

1016KB
MD5

2729aaa8283019195acd4b1d04d1ac3b
SHA1

a116aac7170a1d0eb9674663e2d411f63905212f
SHA256

d51bba9d7915296c0736f148aee5eca741b9823bae148ccd9c343590c1cfcd0b
SHA512

81ed16132dfdb91e79b02c1fc02a2f202c7bb294c0442249e72b5dd0aa73b0ab9f9087cb272040c4f9f159e91aa01149be895e819059931bebbd260d52f2ee4d
SSDEEP

24576:Cn30OzRUOY5rXL3twL9bnw6O4KSEuLWStL8ArEyUI5LgEu3GQqwTZn:CnEk+rXL0w6O4KSEZsQArEy3furN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2729aaa8283019195acd4b1d04d1ac3b_JaffaCakes118

Files

2729aaa8283019195acd4b1d04d1ac3b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a6df5d4bb93c95b6c1cf091d5ded97e7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_SYSTEM

Imports

kernel32

UpdateResourceA
GetNumberOfConsoleMouseButtons
GetSystemWindowsDirectoryW
QueryDosDeviceA
SetEvent
GetNumaAvailableMemoryNode
GetTickCount
InitializeCriticalSection
ActivateActCtx
GetThreadSelectorEntry
CreateEventA
GetStringTypeExW
GetCPInfo
TerminateProcess
GetOverlappedResult
lstrlenW
GetLogicalDriveStringsA
GetLastError
LocalAlloc
GetModuleHandleA
FindFirstChangeNotificationA
VirtualProtect
GetCurrentThreadId
WriteConsoleW
EnumDateFormatsExW
InterlockedIncrement
InterlockedDecrement
Sleep
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
GetStartupInfoW
HeapValidate
IsBadReadPtr
RaiseException
RtlUnwind
GetProcAddress
TlsGetValue
GetModuleHandleW
TlsAlloc
TlsSetValue
TlsFree
SetLastError
DebugBreak
GetStdHandle
WriteFile
OutputDebugStringA
GetFileType
OutputDebugStringW
ExitProcess
LoadLibraryW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
HeapFree
VirtualFree
GetModuleFileNameA
FlushFileBuffers
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
GetACP
GetOEMCP
IsValidCodePage
SetFilePointer
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
LoadLibraryA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CloseHandle
CreateFileA

Exports

Exports

@dofndg@0
@trhrjyj@4

Sections

.text
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 746KB - Virtual size: 746KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 48.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6df5d4bb93c95b6c1cf091d5ded97e7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 137KB - Virtual size: 136KB

.rdata Size: 746KB - Virtual size: 746KB

.data Size: 13KB - Virtual size: 48.8MB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 28KB - Virtual size: 28KB

.reloc Size: 90KB - Virtual size: 89KB

.text
Size: 137KB - Virtual size: 136KB

.rdata
Size: 746KB - Virtual size: 746KB

.data
Size: 13KB - Virtual size: 48.8MB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 28KB - Virtual size: 28KB

.reloc
Size: 90KB - Virtual size: 89KB