82566832567758b76147488ee97ede3c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

82566832567758b76147488ee97ede3c_JaffaCakes118
Size

3.9MB
MD5

82566832567758b76147488ee97ede3c
SHA1

692e13785c9993e935974ca86803bfb4db7e42f6
SHA256

34679b7c070df630d920d647577634bd04744ccb7dee2a2bbd5c4eda115d53ce
SHA512

36f59b33ae71c50294d2e75dae1211d522e10b5b5c663a2306388b01122184940f14fa4f2b90dcdb4cf8d9513c74d3c0dfceb64f5d2b4d35aad1df840e723e01
SSDEEP

49152:kAwXaKXEVlm2vQcvMaO+7AYPhZ+4wITD6P6W3iqHiyFNl9+6wmSYziPmebwE1NWl:kAZvm2hhONShMI/6Bi6kmSzwWuX/9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
82566832567758b76147488ee97ede3c_JaffaCakes118

Files

82566832567758b76147488ee97ede3c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a03aaa11c02c78907a5cf8ff2de450e8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCompact
lstrlenA
AllocConsole
CommConfigDialogA
BuildCommDCBAndTimeoutsA
UpdateResourceA
SetWaitableTimer
WriteTapemark
SetConsoleTextAttribute
ZombifyActCtx
SetDefaultCommConfigW
GetEnvironmentStringsW
SetTapeParameters
GetModuleHandleW
GetTickCount
GetConsoleAliasesA
IsBadReadPtr
GetConsoleTitleA
WaitNamedPipeW
WriteFile
QueryActCtxW
GetVolumeInformationA
LoadLibraryW
ReadConsoleInputA
GetCalendarInfoA
WriteConsoleOutputA
SetConsoleCP
CreateMutexW
lstrcpynW
GetModuleFileNameW
GetTimeZoneInformation
CreateActCtxA
GetDevicePowerState
VirtualUnlock
GetStringTypeExA
VerifyVersionInfoW
InterlockedFlushSList
GetProcAddress
AttachConsole
GetTapeStatus
CreateConsoleScreenBuffer
HeapUnlock
InterlockedExchangeAdd
LocalAlloc
SetConsoleCtrlHandler
HeapLock
SetSystemTime
LoadLibraryExA
DeleteCriticalSection
GetCPInfoExA
FindAtomW
lstrcpyW
CopyFileExA
lstrcpyA
HeapReAlloc
GetCommModemStatus
GetFileAttributesA
PulseEvent
GetCommandLineA
HeapSetInformation
GetStartupInfoW
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
RtlUnwind
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
SetHandleCount
GetFileType
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
GetCurrentThread
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapFree
Sleep
RaiseException
FatalAppExitA
CloseHandle
CreateFileA
FreeLibrary
InterlockedExchange
GetLocaleInfoW
SetStdHandle
WriteConsoleW
MultiByteToWideChar
LCMapStringW
GetStringTypeW
HeapAlloc
FlushFileBuffers
SetEndOfFile
GetProcessHeap
ReadFile
HeapSize
CreateFileW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale

gdi32

GetCharWidth32A

advapi32

BackupEventLogA

Sections

.text
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tavoh
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a03aaa11c02c78907a5cf8ff2de450e8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

advapi32

Sections

.text Size: 3.8MB - Virtual size: 3.8MB

.data Size: 6KB - Virtual size: 5.3MB

.tls Size: 30KB - Virtual size: 29KB

.tavoh Size: 512B - Virtual size: 1B

.rsrc Size: 54KB - Virtual size: 53KB

.text
Size: 3.8MB - Virtual size: 3.8MB

.data
Size: 6KB - Virtual size: 5.3MB

.tls
Size: 30KB - Virtual size: 29KB

.tavoh
Size: 512B - Virtual size: 1B

.rsrc
Size: 54KB - Virtual size: 53KB