1a0ef3bfa4b05ade7dc1233ea1edc265_JaffaCakes118

General

Target

1a0ef3bfa4b05ade7dc1233ea1edc265_JaffaCakes118
Size

135KB
MD5

1a0ef3bfa4b05ade7dc1233ea1edc265
SHA1

a92fca99136255b09ff28a2666988a325ad08c44
SHA256

c8191530ab73a87cd2175aac737bce4080e1f729b26843fd3d05eb8dc9bbb016
SHA512

a9e275f1f270f2c817d8b8762521b403f5a740369e26ac733cb929cf66d21522e37a482849314c70d18c0c256790ddf0bc80b3fb2f12bba1929b73e9573fe67c
SSDEEP

3072:Y7oVYIi8eVYG2w4oPhfB/ZE9dgLECFNk2/DNwmujTTwS0p65:xJ8iGBPhfB/ZE9uLRbk2/DNwVjIS0p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a0ef3bfa4b05ade7dc1233ea1edc265_JaffaCakes118

Files

1a0ef3bfa4b05ade7dc1233ea1edc265_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0841fb31b91963fbe55cf3832029ad7f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MapUserPhysicalPagesScatter
HeapDestroy
GetDiskFreeSpaceA
PurgeComm
VirtualFree
DeleteTimerQueue
WriteProcessMemory
FindResourceA
SetThreadExecutionState
ReadConsoleOutputAttribute
SearchPathA
GetProcessId
_lclose
LocalAlloc
SetConsoleFont
WriteProfileStringA
TransmitCommChar
GetProcessShutdownParameters
LZOpenFileA
VirtualAlloc
GetProcessHeap
SetFilePointer
GetStartupInfoA
SetEvent
GlobalAddAtomA
CallNamedPipeA
GetCommandLineW
SetCommBreak
FindAtomA
GlobalLock
CancelTimerQueueTimer
FindFirstVolumeMountPointA
GetConsoleAliasExesW
IsBadCodePtr
GetNamedPipeHandleStateA
GetEnvironmentStringsA
GetWindowsDirectoryA
WriteConsoleOutputCharacterW
SetFileApisToANSI
GetDevicePowerState
DeleteTimerQueue
QueryDosDeviceA
CancelTimerQueueTimer
SetComputerNameExA
SetFilePointerEx
GetCommandLineA
HeapFree
ReleaseMutex
WriteConsoleOutputCharacterA
GetFileTime
GetVersion
MoveFileWithProgressA
GetFileSize
TermsrvAppInstallMode
QueryInformationJobObject
SetConsoleInputExeNameA
ReadConsoleA
GetProcessHandleCount
CreateFileA
FreeLibrary
FreeResource
GetTempFileNameA
FindFirstFileExA
GetCommandLineA
GetLastError
VirtualAllocEx
AddConsoleAliasA
PeekNamedPipe
PeekConsoleInputA
lstrcmpiA
GetFileTime

Exports

Exports

CreateYllgslvmi
Upeascn
Hvibckosed
AddIvyhceq
CloseInjisin
Rlhinbjwfmi
WriteKqkalrfy
Vmsessvwkji
Gumvuegvs
Skirgmsjf
Olkvoqmpkua
CloseNhxvvdi
Wdkkuoc
GetScstfgukbrk
Sgjagbeo
Badgkvypmgc
CloseSjnqmheutx
Tnpefum
BeginBjxdxhs
Jnjqbvr

Sections

.text
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0841fb31b91963fbe55cf3832029ad7f

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 78KB - Virtual size: 78KB

.idata Size: 2KB - Virtual size: 147KB

.rsrc Size: 53KB - Virtual size: 52KB

.text
Size: 78KB - Virtual size: 78KB

.idata
Size: 2KB - Virtual size: 147KB

.rsrc
Size: 53KB - Virtual size: 52KB