295ba8c5ecdb8dbea978e0c3523365e2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

295ba8c5ecdb8dbea978e0c3523365e2_JaffaCakes118
Size

148KB
MD5

295ba8c5ecdb8dbea978e0c3523365e2
SHA1

1ef2b0ece46636e4f6ed7ec8b2a1b13daaa27144
SHA256

d681c6b69794df22bab011f511f60a1ce5d3615ee5ff26c40c46fb9b044e2346
SHA512

a079bc1d5efa78c9fdc9c030e355004a47f9c8345b32756e02359ad1f8814350bd9ae6eb360dfa716b11a417c4fda2b97250335bc11908d8b663daf8745aa32a
SSDEEP

3072:OjDkDQMsFXh5berllMTfpAAvz8oX2RKM4L9kl9t6:yDkEMsFXhN2lwBA4zj2RKMRrt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
295ba8c5ecdb8dbea978e0c3523365e2_JaffaCakes118

Files

295ba8c5ecdb8dbea978e0c3523365e2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1d382ce3c28f0c648b6a67ed681bc736

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
GetProcessHeap
GetSystemTimeAsFileTime
WriteFile
GetVolumePathNameW
GetSystemDirectoryW
WideCharToMultiByte
LoadLibraryW
Sleep
DeleteVolumeMountPointW
GetExitCodeProcess
GetVolumePathNamesForVolumeNameW
ReadFile
GetModuleFileNameW
CreateFileW
GetOverlappedResult
MultiByteToWideChar
lstrlenW
SetThreadPriority
GetStartupInfoW
FlushInstructionCache
GetLastError
GetProcAddress
VirtualAlloc
DefineDosDeviceW
SetVolumeLabelW
GetDiskFreeSpaceW
FindClose
GetProcessId
CreateFileMappingW
CreateEventW
DeviceIoControl
CreatePipe
lstrcmpiW
VirtualProtect
GetCurrentThreadId
DuplicateHandle
CloseHandle
GetVolumeNameForVolumeMountPointW
lstrcpyW
GetVolumeInformationW
GetCurrentThread
GetLogicalDrives
FlushFileBuffers
HeapSize
IsProcessorFeaturePresent
HeapReAlloc
GetStringTypeW
LCMapStringW
WriteConsoleW
SetStdHandle
RtlUnwind
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
GetConsoleMode
GetConsoleCP
SetFilePointer
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
GetModuleHandleW
CreateThread
SetThreadExecutionState
SetEvent
WaitForSingleObject
HeapFree
SetFilePointerEx
GetCurrentProcess
MoveFileExW
HeapAlloc
CreateProcessW
UnmapViewOfFile
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
EncodePointer
DecodePointer
MapViewOfFile
FindFirstFileW
GetCommandLineW
ExitProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapSetInformation
GetCommandLineA

Sections

noname
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

noname
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

noname
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

noname
Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

noname
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

noname
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

noname
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

noname
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1d382ce3c28f0c648b6a67ed681bc736

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

noname Size: 26KB - Virtual size: 25KB

noname Size: 56KB - Virtual size: 55KB

noname Size: 12KB - Virtual size: 12KB

noname Size: 3KB - Virtual size: 10KB

noname Size: 4KB - Virtual size: 4KB

noname Size: 1024B - Virtual size: 576B

noname Size: 37KB - Virtual size: 36KB

noname Size: 6KB - Virtual size: 6KB

noname
Size: 26KB - Virtual size: 25KB

noname
Size: 56KB - Virtual size: 55KB

noname
Size: 12KB - Virtual size: 12KB

noname
Size: 3KB - Virtual size: 10KB

noname
Size: 4KB - Virtual size: 4KB

noname
Size: 1024B - Virtual size: 576B

noname
Size: 37KB - Virtual size: 36KB

noname
Size: 6KB - Virtual size: 6KB