74cd4e95530b1b7912e4c4ab4216d484_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

74cd4e95530b1b7912e4c4ab4216d484_JaffaCakes118
Size

451KB
MD5

74cd4e95530b1b7912e4c4ab4216d484
SHA1

41731324640284b49847e28201996273e0d63116
SHA256

da26c791560c1fc1700fe4eb12e83ddc878ecdfbc3d8377f06adb97e7f961f6c
SHA512

7f1f7bc0e9a81a1eb6b8f3a000d28b690883b0a9fee88cef24f353a0c65a9271b60dd2599b5c637dafab6e5a41186b10437ad2982e4602d91ebcb41110822045
SSDEEP

12288:MBBYsLf09zw+Ed8/A0gMtxYhrgY9evzO+R4N:uBYOqw+A8/AGtWRIrO+R4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74cd4e95530b1b7912e4c4ab4216d484_JaffaCakes118

Files

74cd4e95530b1b7912e4c4ab4216d484_JaffaCakes118
.exe windows:5 windows x86 arch:x86

eb0c534c9ef8645050151056a3938a2c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\users\дмитрий\documents\visual studio 2010\Projects\Shock-world\Debug\Shock-world.pdb

Imports

kernel32

GetLastError
MoveFileA
GetCommandLineA
HeapSetInformation
HeapValidate
IsBadReadPtr
GetModuleFileNameW
GetFileAttributesA
DecodePointer
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
EnterCriticalSection
LeaveCriticalSection
CloseHandle
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
RtlUnwind
WideCharToMultiByte
MultiByteToWideChar
RaiseException
lstrlenA
GetProcAddress
LoadLibraryW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedIncrement
InterlockedDecrement
GetModuleHandleW
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThread
HeapCreate
HeapDestroy
WriteFile
FatalAppExitA
HeapAlloc
HeapReAlloc
HeapSize
HeapQueryInformation
HeapFree
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
SetConsoleCtrlHandler
SetStdHandle
FlushFileBuffers
GetConsoleCP
GetConsoleMode
ReadFile
CreateFileA
GetProcessHeap
VirtualQuery
FreeLibrary
InterlockedExchange
GetLocaleInfoW
IsProcessorFeaturePresent
LCMapStringW
GetStringTypeW
CompareStringW
SetEnvironmentVariableA
SetFilePointer
SetEndOfFile
GetLocaleInfoA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
CreateFileW

Sections

.textbss
Size: - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 349KB - Virtual size: 348KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb0c534c9ef8645050151056a3938a2c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Sections

.textbss Size: - Virtual size: 166KB

.text Size: 349KB - Virtual size: 348KB

.rdata Size: 72KB - Virtual size: 72KB

.data Size: 5KB - Virtual size: 14KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 16KB - Virtual size: 15KB

.textbss
Size: - Virtual size: 166KB

.text
Size: 349KB - Virtual size: 348KB

.rdata
Size: 72KB - Virtual size: 72KB

.data
Size: 5KB - Virtual size: 14KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 16KB - Virtual size: 15KB