8dd7401ef9546b3f82bd8b39608e5af6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8dd7401ef9546b3f82bd8b39608e5af6_JaffaCakes118
Size

17.8MB
MD5

8dd7401ef9546b3f82bd8b39608e5af6
SHA1

8999df6f49229999c04a2964dd9451dd410953c3
SHA256

171ba2ccd0f5405b921918b4521b1f2f6ac8a111132f1139ba7427770fdfabae
SHA512

c7622f646c262394ddebf8eca559355c7839c1341e900c2d74203c45521555e26a950058c478d4b2fc758bc5b865d4ea9994c9a4339075f30bfb9402782b25cb
SSDEEP

393216:6nhdFjRJYqc6KfyuVMO41qWmlD1LvNSaQgmZ+pceD:0tRJY0KfyVO4mlD5v3QglpceD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8dd7401ef9546b3f82bd8b39608e5af6_JaffaCakes118

Files

8dd7401ef9546b3f82bd8b39608e5af6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7102aa32b3dd15f7bf77b409c039b181

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Rojati\Ugas\Sydubo\enaqij.pdb

Imports

kernel32

CreateProcessA
CloseHandle
GetStartupInfoA
CopyFileA
DeleteFileA
GetTickCount
Sleep
GetCurrentThreadId
FreeLibrary
LoadLibraryA
GetProcAddress
GetProfileStringW
VirtualProtect
CreateToolhelp32Snapshot
Module32First
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetModuleHandleA
GetCommandLineA
GetVersionExA
HeapFree
GetLastError
ReadFile
ExitProcess
TerminateProcess
GetCurrentProcess
SetFilePointer
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapAlloc
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetStdHandle
FlushFileBuffers
CreateFileA
GetACP
GetOEMCP
GetCPInfo
RtlUnwind
InterlockedExchange
VirtualQuery
HeapSize
SetEndOfFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetSystemInfo

ole32

CoUninitialize
CoCreateInstance
OleUninitialize
OleInitialize
CoInitialize

Sections

.text
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 324KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7102aa32b3dd15f7bf77b409c039b181

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

ole32

Sections

.text Size: 248KB - Virtual size: 247KB

.rdata Size: 228KB - Virtual size: 227KB

.data Size: 324KB - Virtual size: 1.0MB

.tls Size: 4KB - Virtual size: 53B

.rsrc Size: 8KB - Virtual size: 6KB

.text
Size: 248KB - Virtual size: 247KB

.rdata
Size: 228KB - Virtual size: 227KB

.data
Size: 324KB - Virtual size: 1.0MB

.tls
Size: 4KB - Virtual size: 53B

.rsrc
Size: 8KB - Virtual size: 6KB