72f0ed6c41455ffba00e8d70230fb385_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

72f0ed6c41455ffba00e8d70230fb385_JaffaCakes118
Size

548KB
MD5

72f0ed6c41455ffba00e8d70230fb385
SHA1

d66ff526c4fce9dc2400b3f62b9a85290a0e43ae
SHA256

6d4e0d5aab0b739d7a588ac8388fda6683d7aeb89218bc90a6e31e678d694732
SHA512

3f80888e2367c57a5ee1888fdaff6a048f146db09cb177cfff66145c85e69f710df1e605b47afc5481b88bba4804c667b70bda453e72bb847e57aa355da2fda2
SSDEEP

12288:OJlhw548nlk6CObOADVdHU6MGBjhRWVh0EBpAwX2NmBdWccZ6vbiG:Qw5482hbADnMcwAE2NIcp6vbiG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72f0ed6c41455ffba00e8d70230fb385_JaffaCakes118

Files

72f0ed6c41455ffba00e8d70230fb385_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0ff14359b880fafd144fe831822d05c0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\worugagewolezuyo92-pejozaxoyucato bije52_dufukijajo.pdb

Imports

kernel32

lstrlenW
LoadLibraryA
GetProcessShutdownParameters
GetEnvironmentVariableW
CreateMailslotA
AddRefActCtx
IsDBCSLeadByte
PeekConsoleInputW
FormatMessageA
Beep
GetHandleInformation
CloseHandle
GetLastError
LocalAlloc
GetCurrentDirectoryW
GetProcAddress
EncodePointer
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
RaiseException
RtlUnwind
GetCommandLineW
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
HeapSize
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
WriteFile
GetConsoleCP
GetConsoleMode
GetCurrentThreadId
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetModuleFileNameW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
HeapReAlloc
SetStdHandle
FlushFileBuffers
SetFilePointerEx
WriteConsoleW
OutputDebugStringW
GetStringTypeW
CreateFileW

advapi32

RegEnumKeyW
RegDeleteKeyA
GetSecurityDescriptorLength
AreAnyAccessesGranted
AreAllAccessesGranted
SetThreadToken
RegQueryInfoKeyW

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 424KB - Virtual size: 855KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0ff14359b880fafd144fe831822d05c0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

Sections

.text Size: 64KB - Virtual size: 63KB

.data Size: 424KB - Virtual size: 855KB

.idata Size: 3KB - Virtual size: 6KB

.rsrc Size: 51KB - Virtual size: 50KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 64KB - Virtual size: 63KB

.data
Size: 424KB - Virtual size: 855KB

.idata
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 51KB - Virtual size: 50KB

.reloc
Size: 5KB - Virtual size: 4KB