749e650c6b6be6dbdd3a1638333625dc_JaffaCakes118

General

Target

749e650c6b6be6dbdd3a1638333625dc_JaffaCakes118
Size

550KB
MD5

749e650c6b6be6dbdd3a1638333625dc
SHA1

cdc70c6708265a4ae68d31c36751ee12d49931ce
SHA256

c57c7f99dea81588bf93fae3d37b06574d6457a2a11797f51ca1aeb68c700a44
SHA512

d7219507a3053eb56c205c823570057474622ef520ac07141e72bb6a9b896e9d849071cd1b0437121bb905146e438223ea2521f07d3cddcad4d519bf29807332
SSDEEP

3072:PHLy4QqK1siz2V7AZmmyPJ6nrjp9BJvXXZogkDoA0sY4cTuWWnsETJeKQAO+tp:PHEqK1P2V7Azjp9jvXJoS33CWWsEi+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
749e650c6b6be6dbdd3a1638333625dc_JaffaCakes118

Files

749e650c6b6be6dbdd3a1638333625dc_JaffaCakes118
.exe windows:0 windows x86 arch:x86

bc9d73513fade031d557842dacd9c2ec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AllocateUserPhysicalPages
AttachConsole
Beep
BeginUpdateResourceA
CallNamedPipeA
CloseHandle
CloseProfileUserMapping
ConvertFiberToThread
CopyFileA
CopyFileW
CreateDirectoryA
CreateFileA
CreateFileMappingW
CreateFileW
CreateJobSet
CreateProcessA
CreateWaitableTimerA
DeleteCriticalSection
DeleteFiber
DeviceIoControl
DosDateTimeToFileTime
EnumCalendarInfoW
EnumLanguageGroupLocalesW
EraseTape
ExitVDM
ExtendVirtualBuffer
FillConsoleOutputCharacterW
FindActCtxSectionGuid
FindCloseChangeNotification
FindFirstFileExA
FindFirstVolumeMountPointW
FindResourceExA
FreeEnvironmentStringsW
GetCPInfo
GetComputerNameExA
GetComputerNameExW
GetConsoleAliasesW
GetConsoleCommandHistoryLengthW
GetConsoleDisplayMode
GetConsoleFontInfo
GetConsoleInputWaitHandle
GetConsoleProcessList
GetCurrencyFormatW
GetDateFormatA
GetDateFormatW
GetDefaultSortkeySize
GetDevicePowerState
GetDiskFreeSpaceA
GetDiskFreeSpaceExW
GetExpandedNameA
GetFileAttributesExA
GetLargestConsoleWindowSize
GetLogicalDriveStringsA
GetLogicalDrives
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetNumaProcessorNode
GetNumberOfConsoleMouseButtons
GetOverlappedResult
GetPriorityClass
GetPrivateProfileSectionW
GetProcAddress
GetProcessIoCounters
GetProcessTimes
GetProcessVersion
GetProcessWorkingSetSize
GetProfileIntW
GetProfileSectionA
GetProfileSectionW
GetQueuedCompletionStatus
GetTapeStatus
GetTempPathA
GetUserDefaultLangID
GetVolumeInformationW
GlobalGetAtomNameW
GlobalHandle
GlobalWire
HeapReAlloc
HeapSetInformation
HeapValidate
InitializeCriticalSection
InterlockedPushEntrySList
IsDBCSLeadByte
IsValidCodePage
LZSeek
LoadLibraryA
LocalHandle
MapUserPhysicalPagesScatter
MapViewOfFile
OpenJobObjectW
OpenProcess
PurgeComm
QueryMemoryResourceNotification
ReadFile
RegisterConsoleVDM
RemoveDirectoryA
ReplaceFileA
RequestDeviceWakeup
ResumeThread
RtlMoveMemory
SetCalendarInfoA
SetComPlusPackageInstallStatus
SetCommBreak
SetCommState
SetCommTimeouts
SetComputerNameExA
SetComputerNameW
SetConsoleCommandHistoryMode
SetConsoleCursor
SetConsoleCursorInfo
SetConsoleMenuClose
SetConsoleNumberOfCommandsA
SetConsoleOutputCP
SetConsoleTextAttribute
SetConsoleWindowInfo
SetCurrentDirectoryA
SetDllDirectoryW
SetLocalTime
SetMessageWaitingIndicator
SetSystemTime
SetTapeParameters
SetTapePosition
SetThreadIdealProcessor
SetVDMCurrentDirectories
SetVolumeLabelW
SwitchToThread
TerminateProcess
Thread32First
Thread32Next
TransactNamedPipe
TryEnterCriticalSection
UnhandledExceptionFilter
VDMOperationStarted
VerLanguageNameW
VirtualQuery
VirtualQueryEx
WritePrivateProfileSectionW
WriteTapemark
_hwrite
lstrcmpi

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc9d73513fade031d557842dacd9c2ec

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 132KB - Virtual size: 131KB

.text
Size: 132KB - Virtual size: 131KB