3a6f156fe2f5e9080ef1c6fa5ca0f417_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3a6f156fe2f5e9080ef1c6fa5ca0f417_JaffaCakes118
Size

3.8MB
MD5

3a6f156fe2f5e9080ef1c6fa5ca0f417
SHA1

a1354cd330d606f58b884cc95055aaee87e5a01d
SHA256

f6d4716dea8b519cfa0e1bed0d53731500f5a8e0388291af20b32d2ddbee5c20
SHA512

5777a1f8ae31093c0505cece1b8ee5cdab1d8e9325885679fc41e61ec4acafe192387d5d713dbd10841a65b510e226e9b1433ea1e56285be275607f10020e84f
SSDEEP

98304:N3TBBZmm8VhUBTOltmpd4aAGXe+AYh3mC75EF4hG2Ihj:NrZh8VhmOng4EHAYpmC1y4jI9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a6f156fe2f5e9080ef1c6fa5ca0f417_JaffaCakes118

Files

3a6f156fe2f5e9080ef1c6fa5ca0f417_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0a403bde8544d707305c9084d6ad5ccf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
LoadResource
FlushViewOfFile
MapViewOfFile
ScrollConsoleScreenBufferA
HeapReAlloc
GetVolumeNameForVolumeMountPointW
GetCommConfig
ClearCommError
HeapAlloc
SetConsoleCtrlHandler
CreatePipe
GetPrivateProfileStringW
EnumSystemCodePagesW
AreFileApisANSI
GetEnvironmentVariableW
GetModuleFileNameW
GlobalAlloc
GetFullPathNameA
GetWriteWatch
GetProcAddress
LoadLibraryW
WTSGetActiveConsoleSessionId
ReadConsoleA
lstrcpyW
WriteConsoleOutputAttribute
GetDefaultCommConfigA
BuildCommDCBAndTimeoutsW
GetEnvironmentVariableA
GetAtomNameA
GetTickCount
GetMailslotInfo
FindNextVolumeA
GetThreadPriorityBoost
lstrlenW
lstrlenA
RaiseException
RtlUnwind
GetStartupInfoW
GetLastError
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleA
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
CloseHandle
EnterCriticalSection
LeaveCriticalSection
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
SetStdHandle
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LoadLibraryA
InitializeCriticalSectionAndSpinCount
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetFilePointer
CreateFileA

Exports

Exports

@eorugegv@0
@sdiufvsi@0

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0a403bde8544d707305c9084d6ad5ccf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 63KB - Virtual size: 63KB

.rdata Size: 3.6MB - Virtual size: 3.6MB

.data Size: 6KB - Virtual size: 3.5MB

.rsrc Size: 89KB - Virtual size: 88KB

.reloc Size: 24KB - Virtual size: 23KB

.text
Size: 63KB - Virtual size: 63KB

.rdata
Size: 3.6MB - Virtual size: 3.6MB

.data
Size: 6KB - Virtual size: 3.5MB

.rsrc
Size: 89KB - Virtual size: 88KB

.reloc
Size: 24KB - Virtual size: 23KB