7a109519d3c1fb1e89abfd33dd9ac1cf_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

7a109519d3c1fb1e89abfd33dd9ac1cf_JaffaCakes118
Size

3.9MB
MD5

7a109519d3c1fb1e89abfd33dd9ac1cf
SHA1

80c8b0de3d6baa8a8992d336d570b110835d0f75
SHA256

43e1b48cfd1b549a06df210000ef97f350e6dad5a12a053157420f9a5aaa906e
SHA512

85e0e974d189ddefca695ddc040386a8426f4919fa5832bdb9c323a32b467685dcf26a6666b97719eb6e4feeb9ca708bb0c44bf1f18a432d0a6d221293de4f47
SSDEEP

98304:eE1gv+P9a92U2FvyxtPjPxVNUNCU42/zBkWTwFJL2XBV9:7gtEU2FvaRP3W34cuJSX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
7a109519d3c1fb1e89abfd33dd9ac1cf_JaffaCakes118

Files

7a109519d3c1fb1e89abfd33dd9ac1cf_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a2e1737805b4ace9166d077ea8e456cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

WriteFile
GetProcessTimes
LoadLibraryW
GetStringTypeExW
FileTimeToSystemTime
IsBadStringPtrA
GetNamedPipeHandleStateW
GetLastError
GlobalFree
GetPrivateProfileStringA
GetAtomNameA
WriteConsoleA
GetProcessId
LocalAlloc
GetCurrentConsoleFont
SetConsoleTitleW
OpenFileMappingW
VirtualProtect
EnumSystemLocalesW
GetTickCount
BackupSeek
GetCurrentProcess
LoadResource
DebugActiveProcessStop
lstrlenA
CreateFileA
BuildCommDCBW
GetCommandLineW
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
MultiByteToWideChar
InterlockedCompareExchange
InterlockedExchange
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
GetCommandLineA
GetStartupInfoA
GetCPInfo
HeapValidate
IsBadReadPtr
RaiseException
RtlUnwind
LCMapStringW
LCMapStringA
GetStringTypeW
GetProcAddress
TlsGetValue
GetModuleHandleW
TlsAlloc
TlsSetValue
GetCurrentThreadId
TlsFree
SetLastError
DebugBreak
GetStdHandle
OutputDebugStringA
WriteConsoleW
GetFileType
OutputDebugStringW
ExitProcess
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapDestroy
HeapCreate
HeapFree
VirtualFree
GetStringTypeA
FlushFileBuffers
GetConsoleCP
GetConsoleMode
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetLocaleInfoW
SetStdHandle
GetConsoleOutputCP
SetFilePointer
GetModuleHandleA
CloseHandle

Exports

Exports

basketball

Sections

.text
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a2e1737805b4ace9166d077ea8e456cd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 3.8MB - Virtual size: 3.8MB

.rdata Size: 47KB - Virtual size: 46KB

.data Size: 13KB - Virtual size: 194KB

.tls Size: 4KB - Virtual size: 4KB

.rsrc Size: 41KB - Virtual size: 3.0MB

.text
Size: 3.8MB - Virtual size: 3.8MB

.rdata
Size: 47KB - Virtual size: 46KB

.data
Size: 13KB - Virtual size: 194KB

.tls
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 41KB - Virtual size: 3.0MB