244d75f70e962e5c4ec3efb1d845748b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

244d75f70e962e5c4ec3efb1d845748b_JaffaCakes118
Size

477KB
MD5

244d75f70e962e5c4ec3efb1d845748b
SHA1

bdfefdff7b755a89d60de22309da72b82df70ecb
SHA256

7dddeb51f2dea719a6c6e70bf30db96e3333713d998b4f8acb31ee5cecfbb912
SHA512

53e2ad9f90d779d096dffd06a13e52068134c02a885cdfd3f526f87e404fce93089710180fba559b64c1e7a63aa15f5c27d8de305e9da1688481effecab529d8
SSDEEP

12288:t3pZVf5QgrzPxW0T+10v7vG8R3hTdiIg:VpZVRQg/5VT++vzxR3Xi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
244d75f70e962e5c4ec3efb1d845748b_JaffaCakes118

Files

244d75f70e962e5c4ec3efb1d845748b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b9f4ce3c6a5d0f471fe7418d273edd35

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetVolumeLabelA
GetNumaNodeProcessorMask
SetPriorityClass
IsBadStringPtrW
WriteConsoleOutputCharacterW
lstrlenA
GetDefaultCommConfigW
GetProcessIoCounters
ClearCommError
SetConsoleScreenBufferSize
SetThreadExecutionState
FlushViewOfFile
FindFirstFileExW
ConnectNamedPipe
GetTickCount
GetWindowsDirectoryA
WideCharToMultiByte
LoadLibraryW
_hread
SizeofResource
GetWriteWatch
GetEnvironmentVariableA
HeapReAlloc
DisconnectNamedPipe
GetLastError
GetProcAddress
GetLongPathNameA
EnumDateFormatsExA
EnumSystemCodePagesW
GetAtomNameA
SetCalendarInfoW
FindFirstVolumeMountPointW
SetConsoleCtrlHandler
GetExitCodeThread
SetFileApisToANSI
SetProcessWorkingSetSize
GetModuleFileNameA
CreateIoCompletionPort
_lread
GetVolumeNameForVolumeMountPointW
GetCurrentProcessId
FindNextVolumeA
CompareStringW
GetFullPathNameA
GetCommandLineA
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
HeapFree
SetFilePointer
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
RaiseException
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
CloseHandle
CreateFileA
InitializeCriticalSectionAndSpinCount
HeapAlloc
VirtualAlloc
SetStdHandle
FlushFileBuffers
GetModuleHandleA
LoadLibraryA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetEndOfFile
GetProcessHeap
ReadFile
HeapSize

user32

GetCaretPos

advapi32

RegisterEventSourceW

Sections

.text
Size: 407KB - Virtual size: 406KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 6.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b9f4ce3c6a5d0f471fe7418d273edd35

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 407KB - Virtual size: 406KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 5KB - Virtual size: 6.7MB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 47KB - Virtual size: 46KB

.text
Size: 407KB - Virtual size: 406KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 5KB - Virtual size: 6.7MB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 47KB - Virtual size: 46KB