865102f865aee65ef616330fc6dbdd53_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

865102f865aee65ef616330fc6dbdd53_JaffaCakes118
Size

3.8MB
MD5

865102f865aee65ef616330fc6dbdd53
SHA1

065102e3383ebea037d6d239475360a96d10d215
SHA256

4c5efdc9313c9fc6815288922ac6c5ab039088ece3e00832948f46c983570072
SHA512

429864e9d8a737f07115188e0c639e3ebb182a906307945b992a8337ae682952795c9cc9dd74a9a2012124bcf440cbafa074ab2a7d35acb834dfd23f4a8a20cc
SSDEEP

49152:bcJ3HEburt6qiytOt1nBfNITHXNkJ1YDIGlRYdo8npa8y2rgyTlnF3DO:AJXszqZkXfNeXFPYdiZsgyTlVDO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
865102f865aee65ef616330fc6dbdd53_JaffaCakes118

Files

865102f865aee65ef616330fc6dbdd53_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ae744c11935284ac6be0b4c3c4a9a70a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceNamesW
SearchPathW
SetPriorityClass
SetFilePointer
SetLocalTime
BuildCommDCBAndTimeoutsA
LoadResource
SetUnhandledExceptionFilter
InterlockedIncrement
ReadConsoleA
CompareFileTime
SetDefaultCommConfigW
SetEnvironmentVariableW
WaitForSingleObject
CallNamedPipeW
SetTapeParameters
GetModuleHandleW
IsBadReadPtr
SetCommState
Sleep
CopyFileW
GetPrivateProfileStructW
SetSystemTimeAdjustment
FileTimeToDosDateTime
GetACP
lstrlenW
DisconnectNamedPipe
FreeLibraryAndExitThread
GetCurrentDirectoryW
SetLastError
GetProcAddress
SetStdHandle
SetFileApisToOEM
LoadLibraryA
CreateSemaphoreW
LocalAlloc
WaitForMultipleObjects
_lread
lstrcatW
FreeEnvironmentStringsW
FindAtomW
GetProfileSectionW
lstrcpyA
GetFileAttributesA
ExitProcess
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetLastError
DeleteFileA
GetModuleFileNameW
GetStartupInfoW
HeapValidate
RaiseException
RtlUnwind
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
TlsFree
DebugBreak
GetStdHandle
WriteFile
OutputDebugStringA
WriteConsoleW
GetFileType
OutputDebugStringW
LoadLibraryW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
HeapFree
VirtualFree
GetModuleFileNameA
FlushFileBuffers
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
GetOEMCP
GetCPInfo
IsValidCodePage
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
WriteConsoleA
GetConsoleOutputCP
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetModuleHandleA
CloseHandle
CreateFileA

Exports

Exports

_gifgeek@8

Sections

.text
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 43.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae744c11935284ac6be0b4c3c4a9a70a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 134KB - Virtual size: 133KB

.rdata Size: 3.7MB - Virtual size: 3.7MB

.data Size: 7KB - Virtual size: 43.5MB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 134KB - Virtual size: 133KB

.rdata
Size: 3.7MB - Virtual size: 3.7MB

.data
Size: 7KB - Virtual size: 43.5MB

.rsrc
Size: 16KB - Virtual size: 15KB