a2d68ce5a4a5f47d2aa001a4dd83ef57_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a2d68ce5a4a5f47d2aa001a4dd83ef57_JaffaCakes118
Size

3.9MB
MD5

a2d68ce5a4a5f47d2aa001a4dd83ef57
SHA1

3d8b1ba65986eba4eaf0830c10a494121563b19a
SHA256

f3670a92b119dfb5e46d0410b3399648214f9125dee469675c7431b84075f755
SHA512

b613b777885d69d9ea47875632088df2cfae1d3f7ed0d9c65ccc4e614afa3a4c3616e1ba69d1f35fa669d84147ab6de9368c5964ed54fa516b510bc58c6092ae
SSDEEP

98304:HxW6BwOL4D6l/LtKCs2M1N1yMHPXBNI1qT/AhRg0FSLQwWuBjWo:HxW4wM4D6l/Lto2EN1HHPxNI1qTYhe3Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2d68ce5a4a5f47d2aa001a4dd83ef57_JaffaCakes118

Files

a2d68ce5a4a5f47d2aa001a4dd83ef57_JaffaCakes118
.exe windows:5 windows x86 arch:x86

92df55fa79e754888d3e5d7c1bbd58fa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
GetCurrentProcess
WaitForSingleObject
SetEvent
SleepEx
GetTickCount
WriteFile
FindActCtxSectionStringA
FindResourceExA
GetConsoleCP
SetFileShortNameW
FreeConsole
GetFileAttributesA
ReadFile
ReleaseSemaphore
SetConsoleTitleA
GetProcAddress
HeapUnlock
ReadFileEx
ResetEvent
LoadLibraryA
LocalAlloc
GetModuleFileNameA
GetConsoleTitleW
DeleteCriticalSection
EndUpdateResourceA
GetPrivateProfileSectionW
CommConfigDialogW
HeapAlloc
lstrlenW
LocalUnlock
GetStartupInfoW
RaiseException
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
HeapFree
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetFilePointer
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
Sleep
ExitProcess
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
WideCharToMultiByte
CloseHandle
CreateFileA
InitializeCriticalSectionAndSpinCount
SetStdHandle
HeapSize
GetConsoleMode
FlushFileBuffers
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetEndOfFile
GetProcessHeap
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW

gdi32

GetCharWidthFloatW

advapi32

ReportEventW

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3.8MB - Virtual size: 11.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zuzivab
Size: 1024B - Virtual size: 626B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zifiha
Size: 512B - Virtual size: 23B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nop
Size: 512B - Virtual size: 6B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bizez
Size: 1024B - Virtual size: 963B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92df55fa79e754888d3e5d7c1bbd58fa

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

advapi32

Sections

.text Size: 83KB - Virtual size: 83KB

.data Size: 3.8MB - Virtual size: 11.6MB

.zuzivab Size: 1024B - Virtual size: 626B

.zifiha Size: 512B - Virtual size: 23B

.nop Size: 512B - Virtual size: 6B

.bizez Size: 1024B - Virtual size: 963B

.rsrc Size: 45KB - Virtual size: 44KB

.text
Size: 83KB - Virtual size: 83KB

.data
Size: 3.8MB - Virtual size: 11.6MB

.zuzivab
Size: 1024B - Virtual size: 626B

.zifiha
Size: 512B - Virtual size: 23B

.nop
Size: 512B - Virtual size: 6B

.bizez
Size: 1024B - Virtual size: 963B

.rsrc
Size: 45KB - Virtual size: 44KB