829904d7b9a2352fcb43eb58a986eba3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

829904d7b9a2352fcb43eb58a986eba3_JaffaCakes118
Size

387KB
MD5

829904d7b9a2352fcb43eb58a986eba3
SHA1

5bd57bdac68fa0d740518e9efe40c983685f462e
SHA256

43a87fd0bd1c72b0b0ee5460e688c65344677bcb451f90c74bc34b0492ce6159
SHA512

b3c87fa4c8d57ae8e6ea1601c8a7beef39e302e51cdfe2d2f5297ef47149ee4ebf248701e34538d1530a655526d9ec93f1851f1abb8145be1bdd52b1a75c1cdf
SSDEEP

12288:ogfusyU6qxYr231b4NZYZoOCPdD6AxJWv4:vfF5YYEOOD6Sf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
829904d7b9a2352fcb43eb58a986eba3_JaffaCakes118

Files

829904d7b9a2352fcb43eb58a986eba3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

dcb430ded87d3e64feaf0e1b32523617

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEndOfFile
BuildCommDCBAndTimeoutsA
GetCommState
ReadConsoleA
InterlockedDecrement
SetConsoleActiveScreenBuffer
GetProfileSectionA
WaitForSingleObject
CallNamedPipeW
LocalFlags
SetProcessPriorityBoost
GetPriorityClass
GlobalAlloc
LoadLibraryW
TerminateThread
GetBinaryTypeA
lstrcatA
GetACP
lstrlenW
FindNextVolumeMountPointW
DisconnectNamedPipe
RaiseException
CreateJobObjectA
SetCurrentDirectoryA
GetStdHandle
FreeLibraryAndExitThread
SetLastError
GetProcAddress
CopyFileA
EnterCriticalSection
GetLocalTime
LoadLibraryA
FindAtomA
GetPrivateProfileStructA
GetTapeParameters
SetEnvironmentVariableA
CreateMutexA
EnumResourceNamesA
RequestWakeupLatency
GetCurrentDirectoryA
OpenSemaphoreW
lstrcpyW
AreFileApisANSI
InterlockedIncrement
Sleep
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
GetLastError
MoveFileA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
GetModuleHandleW
ExitProcess
GetCommandLineA
GetStartupInfoA
HeapValidate
IsBadReadPtr
RtlUnwind
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
TlsFree
DebugBreak
WriteFile
OutputDebugStringA
WriteConsoleW
GetFileType
OutputDebugStringW
GetModuleFileNameA
GetOEMCP
GetCPInfo
IsValidCodePage
InitializeCriticalSectionAndSpinCount
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
HeapDestroy
HeapCreate
HeapFree
VirtualFree
FlushFileBuffers
GetConsoleCP
GetConsoleMode
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetModuleHandleA
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
SetFilePointer
CloseHandle
CreateFileA

Exports

Exports

_asdga@4
_weewgg@8
_wsefwrgwrg@4
_ydtiuiei7@8

Sections

.text
Size: 317KB - Virtual size: 317KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 39.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 89B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dcb430ded87d3e64feaf0e1b32523617

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 317KB - Virtual size: 317KB

.rdata Size: 46KB - Virtual size: 45KB

.data Size: 7KB - Virtual size: 39.5MB

.tls Size: 512B - Virtual size: 89B

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 317KB - Virtual size: 317KB

.rdata
Size: 46KB - Virtual size: 45KB

.data
Size: 7KB - Virtual size: 39.5MB

.tls
Size: 512B - Virtual size: 89B

.rsrc
Size: 14KB - Virtual size: 14KB