83a79543deac22635064e80f6946f80e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

83a79543deac22635064e80f6946f80e_JaffaCakes118
Size

362KB
MD5

83a79543deac22635064e80f6946f80e
SHA1

7fa23258aa163f774985562aadd61b2124d7f400
SHA256

b5ce9f51cfa2f788eb4c21adf88e1ecdbbc496ea12da6cd03814e0c2968f42bd
SHA512

407518921d01172ba90554cc4c9d3240e001e016cd407f7ff7b1223db977fc7d66da61cf239998c5369307dbf41fc7f2480a846f8779b4ef35b8a42d8c9a41ef
SSDEEP

6144:TeZBO+G3VqbkTS4+AIrApwe7fHzvRVkr30IC1sPSMCny3b902A8o2ZR:TeZWlqoO4+E7vzDlCjCS7do2L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83a79543deac22635064e80f6946f80e_JaffaCakes118

Files

83a79543deac22635064e80f6946f80e_JaffaCakes118
.exe windows:6 windows x86 arch:x86

297c0ee903a5961c0af6ad775eee1f74

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveDirectoryW
GetEnvironmentVariableW
GetTempPathW
FindClose
CreateFileW
Sleep
TlsAlloc
DeleteFileW
GetCommandLineW
GetLocalTime
GetCurrentDirectoryW
VirtualProtectEx
CreateProcessW
TlsGetValue
GetSystemTimeAsFileTime
GetTickCount
CloseHandle
DecodePointer
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetStringTypeW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetLastError
InitializeCriticalSectionAndSpinCount
TlsSetValue
TlsFree
GetModuleHandleW
GetProcAddress
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
IsDebuggerPresent
EncodePointer
RaiseException
RtlUnwind
GetLastError
GetModuleFileNameW
FreeLibrary
LoadLibraryExW
GetModuleFileNameA
GetModuleHandleExW
HeapAlloc
HeapValidate
GetSystemInfo
GetStdHandle
WriteFile
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
GetACP
GetFileType
OutputDebugStringA
OutputDebugStringW
WriteConsoleW
WaitForSingleObjectEx
CreateThread
LCMapStringW
HeapFree
HeapReAlloc
HeapSize
HeapQueryInformation
GetProcessHeap
FindFirstFileExW
GetStartupInfoW

ole32

CoUninitialize
CoInitialize
CoRegisterSurrogate

ws2_32

WSACleanup
WSACloseEvent
WSACreateEvent
getprotobynumber
WSAStartup
WSAConnect
socket
WSAAddressToStringW
getservbyname
setsockopt
getservbyport

shlwapi

PathFindExtensionW

advapi32

SystemFunction036

Sections

.text
Size: 334KB - Virtual size: 333KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 316B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

297c0ee903a5961c0af6ad775eee1f74

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

ws2_32

shlwapi

advapi32

Sections

.text Size: 334KB - Virtual size: 333KB

.data Size: 13KB - Virtual size: 68KB

.idata Size: 3KB - Virtual size: 2KB

.gfids Size: 512B - Virtual size: 316B

.rsrc Size: 1024B - Virtual size: 900B

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 334KB - Virtual size: 333KB

.data
Size: 13KB - Virtual size: 68KB

.idata
Size: 3KB - Virtual size: 2KB

.gfids
Size: 512B - Virtual size: 316B

.rsrc
Size: 1024B - Virtual size: 900B

.reloc
Size: 9KB - Virtual size: 9KB