72cfa33b978294103889481feca472f2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

72cfa33b978294103889481feca472f2_JaffaCakes118
Size

222KB
MD5

72cfa33b978294103889481feca472f2
SHA1

0615eb31fd67345b9fa0d57d12a3bcb363152abe
SHA256

5d366decba2f9078f457cb35fe7bfd198760683a709f0d33745fc6e0ba59ac8a
SHA512

d1de5fee23b7a858ec62b849cd8a41cf896ab8b6df4836c65ba36942c1d1727b36832d45713a578c93e8a0b8650bf55923568637d91bb9b2196257a2ae015559
SSDEEP

3072:m04yjyyUD1HncBNyBNp5oEug4OkyJAQF1G8Xrrw+cC+lJDJEQkjvuMM:SR1HUUPCEZ4OkyJ9rrw+cZTuZSMM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
72cfa33b978294103889481feca472f2_JaffaCakes118

Files

72cfa33b978294103889481feca472f2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2092af3116a2d4116123e625b2a077dc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstChangeNotificationW
lstrlenA
EnumDateFormatsExW
InterlockedIncrement
GetTickCount
CreateActCtxW
GlobalAlloc
AddRefActCtx
LoadLibraryW
SetCommConfig
GetStringTypeExW
SetConsoleMode
IsBadWritePtr
GetOverlappedResult
GetLastError
GetProcAddress
ResetEvent
CreateEventW
GetOEMCP
lstrcatW
RaiseException
SetStdHandle
CloseHandle
SetFilePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapValidate
IsBadReadPtr
EnterCriticalSection
LeaveCriticalSection
DecodePointer
EncodePointer
GetModuleFileNameW
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedDecrement
GetModuleHandleW
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
HeapCreate
WriteFile
HeapAlloc
HeapReAlloc
HeapSize
HeapQueryInformation
HeapFree
GetACP
GetCPInfo
IsValidCodePage
MultiByteToWideChar
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
RtlUnwind
IsProcessorFeaturePresent
LCMapStringW
GetStringTypeW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
CreateFileW

user32

GetCaretPos
GetCursor

Exports

Exports

@dpifgbodvg@8
@fhdjdfj@4

Sections

.text
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 548KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2092af3116a2d4116123e625b2a077dc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 188KB - Virtual size: 188KB

.data Size: 13KB - Virtual size: 548KB

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 188KB - Virtual size: 188KB

.data
Size: 13KB - Virtual size: 548KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 14KB - Virtual size: 13KB