82055391ce934d24fad1829cfd823488_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

82055391ce934d24fad1829cfd823488_JaffaCakes118
Size

263KB
MD5

82055391ce934d24fad1829cfd823488
SHA1

3cf08dfa89871822ae05c9eb4d0965330c3d5a25
SHA256

67e1f8bc21e8eecb70370d4ca6fa3bf29006c9830f28ce979226391fd80e1f4e
SHA512

2c1a580028101e7cb0cd0fc774eacf18cc62869ac61f3376b5f57ba3452221431e2f1ce7df96019f590886a9551703392bc7e11e330809ff668e571228d32c7c
SSDEEP

3072:VQVAM4owAXYNgfqiC5CVlKHik4BN7Z65nLfZ+BBwHQmTVQ5pBqhgi8POqp00cBjG:Vi1cNtKVkibLoLf87cQmTVh98WA00WG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82055391ce934d24fad1829cfd823488_JaffaCakes118

Files

82055391ce934d24fad1829cfd823488_JaffaCakes118
.exe windows:5 windows x86 arch:x86

86beaeb40e7c54bc8c96570e3b7bb047

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
GetVolumeNameForVolumeMountPointA
SetCommBreak
SetCommConfig
HeapFree
SetConsoleCtrlHandler
ConnectNamedPipe
IsBadStringPtrA
GetProcessIoCounters
SetVolumeLabelA
GetPrivateProfileStringA
GetOverlappedResult
MultiByteToWideChar
GetCommTimeouts
EnumSystemCodePagesA
SetFileApisToANSI
GetEnvironmentVariableA
GetModuleFileNameW
VirtualProtect
GetFullPathNameW
ScrollConsoleScreenBufferW
GetProcAddress
LoadLibraryA
IsWow64Process
ReadConsoleA
GetConsoleCP
lstrcpyA
SetThreadExecutionState
GetThreadSelectorEntry
GetDefaultCommConfigW
GetSystemTimeAdjustment
lstrlenA
lstrlenW
BindIoCompletionCallback
GetMailslotInfo
GetPriorityClass
FindNextVolumeW
GetThreadPriority
CreateFileA
GetNumaNodeProcessorMask
MapViewOfFile
_hread
GetConsoleAliasW
Sleep
ResetWriteWatch
CompareStringW
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RaiseException
GetLastError
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
GetCommandLineA
GetStartupInfoA
LCMapStringA
WideCharToMultiByte
LCMapStringW
GetCPInfo
HeapAlloc
GetModuleHandleA
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
SetFilePointer
CloseHandle
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
InitializeCriticalSectionAndSpinCount
SetStdHandle
GetConsoleMode
FlushFileBuffers
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
ReadFile

user32

GetCaretPos

advapi32

AdjustTokenPrivileges
DeregisterEventSource
EnumServicesStatusW
RegDeleteValueA
RegisterEventSourceW
AreAllAccessesGranted

Exports

Exports

@fjfkyu@0
@sdiufvsi@0

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 95KB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nimi
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.muhih
Size: 512B - Virtual size: 346B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86beaeb40e7c54bc8c96570e3b7bb047

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 94KB - Virtual size: 93KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 95KB - Virtual size: 3.5MB

.tls Size: 512B - Virtual size: 9B

.nimi Size: 1024B - Virtual size: 1024B

.muhih Size: 512B - Virtual size: 346B

.rsrc Size: 30KB - Virtual size: 29KB

.reloc Size: 16KB - Virtual size: 16KB

.text
Size: 94KB - Virtual size: 93KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 95KB - Virtual size: 3.5MB

.tls
Size: 512B - Virtual size: 9B

.nimi
Size: 1024B - Virtual size: 1024B

.muhih
Size: 512B - Virtual size: 346B

.rsrc
Size: 30KB - Virtual size: 29KB

.reloc
Size: 16KB - Virtual size: 16KB