83cdff68729f7b0061e6927c33e513bf_JaffaCakes118

General

Target

83cdff68729f7b0061e6927c33e513bf_JaffaCakes118
Size

139KB
MD5

83cdff68729f7b0061e6927c33e513bf
SHA1

fc2c6d7b0a8e04726356f7ac9373bfc2e62048b3
SHA256

5c3ba9ecaac1ae4c680b404ab64cffe161a108c67ec5807d4a911d20efa1897c
SHA512

d6c91c9e80511cbcd312d865b76160434bf6a2251d79e53fe63812da4be54f405f40c58d345124345ff32e267ebc2512aeb3b1865fa2c84fcb5a759c1956a5ba
SSDEEP

3072:aogwy8+HFcbZjGIoA4XtMXNPZ0vGtZdzoWOEN4hBSVA6:aogwyjIoUQuLhNIh6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83cdff68729f7b0061e6927c33e513bf_JaffaCakes118

Files

83cdff68729f7b0061e6927c33e513bf_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1941d894a57de6c61a36bc123d696771

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDiskFreeSpaceExA
GetProcessWorkingSetSize
GetFileAttributesExA
GetOEMCP
OutputDebugStringA
GetEnvironmentVariableA
GetDiskFreeSpaceA
MoveFileWithProgressA
GetModuleFileNameA
GetLocaleInfoA
EnumSystemLocalesA
ProcessIdToSessionId
CloseHandle
GetCommState
GetProcessTimes
CreateSemaphoreA
VirtualFree
GetCurrentDirectoryA
FindFirstVolumeMountPointA
GlobalWire
GlobalFindAtomA
GetVolumeNameForVolumeMountPointA
DeleteTimerQueueEx
GetCommandLineW
GlobalSize
SystemTimeToFileTime
WriteProcessMemory
ReadConsoleOutputA
VirtualAlloc
GetThreadPriorityBoost
GetStartupInfoA
GetConsoleMode
LZRead
GetConsoleInputWaitHandle
GetCommandLineA
GetExpandedNameA
CreateMutexA
GetCommModemStatus
GetWriteWatch
Thread32Next
WriteProcessMemory
GetComputerNameA
GetCurrentConsoleFont
GetLogicalDrives
GetThreadIOPendingFlag
WriteConsoleOutputA
GetPrivateProfileSectionNamesA
MapUserPhysicalPagesScatter
GetConsoleWindow
WriteConsoleInputA
FindFirstFileExW
GetConsoleCursorMode
WritePrivateProfileSectionA
OpenEventA
GetTempPathA
GlobalFindAtomA
CreateNamedPipeA
SetEvent
Heap32Next
FindFirstChangeNotificationA
SetEndOfFile
ClearCommError
OpenWaitableTimerA
GetConsoleTitleA
SetLastConsoleEventActive
GetLogicalDriveStringsA
LocalShrink
GetSystemInfo
OpenEventA
GetVersionExA
GetThreadSelectorEntry
GetLogicalDrives
HeapSummary
GetCurrentProcessId
GetLastError
GetFileAttributesA
HeapFree

Exports

Exports

WriteHwsvnoqxm
CloseEurpkemweq
ReadKkwsumjavsh
EndFilawspcr
Mwmeuns
CloseHqjcdmuc
Xffwtkflln
Gtractuxehy
CloseGfoiuohqp
Impcprsincu
CloseBeifbesw
IsHjruflh
Iosyjwi
OpenPcindfc
IsBgsfbxj
IsNhgrvphohbj
AddPbdbkfhsh
Qwcigonudpl
Lwjjeistuo
AddDvoqfcb

Sections

.text
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1941d894a57de6c61a36bc123d696771

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 82KB - Virtual size: 81KB

.idata Size: 2KB - Virtual size: 145KB

.rsrc Size: 54KB - Virtual size: 53KB

.text
Size: 82KB - Virtual size: 81KB

.idata
Size: 2KB - Virtual size: 145KB

.rsrc
Size: 54KB - Virtual size: 53KB