571ce5be44aa36b68f2dbe9c0441dff0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

571ce5be44aa36b68f2dbe9c0441dff0_JaffaCakes118
Size

352KB
MD5

571ce5be44aa36b68f2dbe9c0441dff0
SHA1

4d7af48e8efbb0887e5b11dfffb6f43f7061efc7
SHA256

dfeb2329e476e441a5f55e0dfd5c053d75f31a17863b200feab29cb5fb67137b
SHA512

7cb66b0cf78153bca2b1e88ca00420503eb085ede980fd568599036da626755febaf7726351492b079ae3ee8f80173ab35f9121ad7c7a0aa864e2546964a3134
SSDEEP

6144:2A8wwGmaue93Ae9dW0LE1opJWozwPlMWwtTI3hij04ZfehR:+wwGTR9Qe9djE1mWhctWEj0ue

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
571ce5be44aa36b68f2dbe9c0441dff0_JaffaCakes118

Files

571ce5be44aa36b68f2dbe9c0441dff0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c9357a7723c5668733b8ff0870ddcde9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceNamesW
lstrlenA
SetEndOfFile
FreeLibrary
CallNamedPipeA
SetUnhandledExceptionFilter
ReadConsoleA
GetProfileSectionA
WaitForSingleObject
OpenSemaphoreA
ConnectNamedPipe
SetTapeParameters
GetProcessPriorityBoost
FindNextVolumeMountPointA
SetCommState
SetProcessPriorityBoost
GetPriorityClass
ActivateActCtx
LoadLibraryW
GetConsoleMode
CopyFileW
GetPrivateProfileStructW
LeaveCriticalSection
WritePrivateProfileStructW
ReadFile
lstrcatA
GetBinaryTypeW
GetACP
ExitThread
GetNamedPipeHandleStateW
InterlockedExchange
GetStdHandle
IsDBCSLeadByteEx
GetCurrentDirectoryW
SetLastError
GetProcAddress
GetConsoleDisplayMode
LoadLibraryA
LocalAlloc
BuildCommDCBAndTimeoutsW
SetCurrentDirectoryW
SetFileApisToANSI
AddAtomA
SetEnvironmentVariableA
CreateMutexA
GetVersionExA
LocalFree
GetLastError
MoveFileA
GetStartupInfoW
HeapValidate
IsBadReadPtr
RaiseException
EnterCriticalSection
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
SetStdHandle
WriteFile
WideCharToMultiByte
GetConsoleCP
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleHandleW
Sleep
InterlockedIncrement
InterlockedDecrement
ExitProcess
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapDestroy
HeapCreate
HeapFree
VirtualFree
GetModuleFileNameA
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
GetOEMCP
GetCPInfo
IsValidCodePage
InitializeCriticalSectionAndSpinCount
DebugBreak
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
RtlUnwind
MultiByteToWideChar
SetFilePointer
WriteConsoleA
GetConsoleOutputCP
GetModuleHandleA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
FlushFileBuffers
CreateFileA
CloseHandle

Exports

Exports

_asdasfafswery@8
_asdga@4
_every@4
_trutovik@4
_weewgg@8

Sections

.text
Size: 276KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 39.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 89B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9357a7723c5668733b8ff0870ddcde9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 276KB - Virtual size: 276KB

.rdata Size: 45KB - Virtual size: 44KB

.data Size: 8KB - Virtual size: 39.5MB

.tls Size: 512B - Virtual size: 89B

.rsrc Size: 21KB - Virtual size: 20KB

.text
Size: 276KB - Virtual size: 276KB

.rdata
Size: 45KB - Virtual size: 44KB

.data
Size: 8KB - Virtual size: 39.5MB

.tls
Size: 512B - Virtual size: 89B

.rsrc
Size: 21KB - Virtual size: 20KB