5c7d93ea976f1f84ac8bef6e6065deca_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5c7d93ea976f1f84ac8bef6e6065deca_JaffaCakes118
Size

2.3MB
MD5

5c7d93ea976f1f84ac8bef6e6065deca
SHA1

22f9a5f7e38ac207f21287fa63f371a255a68c83
SHA256

76d9f06d6861a5fa03c02ca11c643684f51ba3372666b2f1541578f09c1d6d85
SHA512

0a64b6d8a6c87e0ea11c56b3542b229e97a4ffa6450a26456faa1b025a7ef5164f1b21bfceab04e5e480f893657c2bd65d6e1b6180f12b123783e1b19e0727b7
SSDEEP

49152:SgJyYd1z3uq8TsAO0Q3Lkxp8yzR0WdsIQP8hK6jEjZIBbKO:SgJyo3uq8Q0Q3LKp8CHdsIQ0o62Uv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
5c7d93ea976f1f84ac8bef6e6065deca_JaffaCakes118

Files

5c7d93ea976f1f84ac8bef6e6065deca_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ccb5eb5c90b9cddb75d41bc73819f1dc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapUnlock
GetModuleHandleA
InterlockedDecrement
CreateFileA
DeleteFileA
GetPrivateProfileSectionW
DeleteCriticalSection
LocalAlloc
GetModuleFileNameW
WriteFile
FindActCtxSectionGuid
FindActCtxSectionStringA
SetEndOfFile
GetFileAttributesA
SetEvent
ReleaseMutex
Sleep
WaitForSingleObject
WaitForMultipleObjects
FindResourceExA
GetConsoleTitleW
SetConsoleCtrlHandler
SetConsoleTitleW
GetProcAddress
BuildCommDCBAndTimeoutsW
CommConfigDialogA
HeapAlloc
GetCurrentProcess
GetModuleHandleW
lstrlenW
LocalLock
ReadFile
InterlockedIncrement
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
RaiseException
GetLastError
HeapFree
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoW
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetCPInfo
CloseHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
HeapSize
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetFilePointer
GetProcessHeap

gdi32

GetCharWidthFloatA

Sections

.text
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2.1MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sukuwu
Size: 512B - Virtual size: 346B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fix
Size: 1024B - Virtual size: 626B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tijaje
Size: 512B - Virtual size: 23B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mupagu
Size: 512B - Virtual size: 6B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.turirom
Size: 1024B - Virtual size: 963B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ccb5eb5c90b9cddb75d41bc73819f1dc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 127KB - Virtual size: 127KB

.data Size: 2.1MB - Virtual size: 2.8MB

.sukuwu Size: 512B - Virtual size: 346B

.tls Size: 26KB - Virtual size: 26KB

.fix Size: 1024B - Virtual size: 626B

.tijaje Size: 512B - Virtual size: 23B

.mupagu Size: 512B - Virtual size: 6B

.turirom Size: 1024B - Virtual size: 963B

.rsrc Size: 49KB - Virtual size: 49KB

.text
Size: 127KB - Virtual size: 127KB

.data
Size: 2.1MB - Virtual size: 2.8MB

.sukuwu
Size: 512B - Virtual size: 346B

.tls
Size: 26KB - Virtual size: 26KB

.fix
Size: 1024B - Virtual size: 626B

.tijaje
Size: 512B - Virtual size: 23B

.mupagu
Size: 512B - Virtual size: 6B

.turirom
Size: 1024B - Virtual size: 963B

.rsrc
Size: 49KB - Virtual size: 49KB