8e6e835dede4156784b26cb01339f050_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8e6e835dede4156784b26cb01339f050_JaffaCakes118
Size

252KB
MD5

8e6e835dede4156784b26cb01339f050
SHA1

d0f3846526cf7ed69b67301e419f72ce8ba981fd
SHA256

8ad6deb9fd771066e35d6a4806f5164a9c4df53418966715778c1d7ffc063762
SHA512

05a4bda590b1d147aeb2a32b5c0c758700c585502083c003295b4ebe46927455e646b67b3570c11981441c3f90fb89e1441b72b7192755c8b8fa3efb50979516
SSDEEP

6144:pIYAQk0weX2qSCpwv3+Ag/DomARu+Vd9Unv:CY3k2X2qJpC3PoX+VP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e6e835dede4156784b26cb01339f050_JaffaCakes118

Files

8e6e835dede4156784b26cb01339f050_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d10a8638b211d5dc69b0ecc2a3215cd4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
lstrlenA
BuildCommDCBAndTimeoutsA
FreeLibrary
LocalCompact
SetUnhandledExceptionFilter
GetCommState
ReadConsoleA
InterlockedDecrement
SetEnvironmentVariableW
GetProfileSectionA
WaitForSingleObject
CallNamedPipeW
SetTapeParameters
GetProcessPriorityBoost
GetModuleHandleW
LocalFlags
FindNextVolumeMountPointA
GetConsoleMode
CopyFileW
WritePrivateProfileStructW
SetSystemPowerState
lstrcatA
GetACP
SetPriorityClass
lstrlenW
DisconnectNamedPipe
DeactivateActCtx
CreateJobObjectA
GetNamedPipeHandleStateW
GlobalUnfix
IsDBCSLeadByteEx
SetLastError
GetProcAddress
ReadFileEx
SetStdHandle
GetConsoleDisplayMode
GetLocalTime
LoadLibraryA
LocalAlloc
SetFileApisToANSI
FindAtomA
GetPrivateProfileStructA
EnumResourceNamesA
RequestWakeupLatency
GetCurrentDirectoryA
OpenSemaphoreW
lstrcpyA
ExitThread
CreateMutexW
InterlockedIncrement
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
GetLastError
HeapFree
HeapAlloc
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
SetHandleCount
GetStdHandle
GetFileType
ExitProcess
WriteFile
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
VirtualAlloc
HeapReAlloc
GetCPInfo
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
GetConsoleCP
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
CreateFileA
CloseHandle

advapi32

SetThreadToken

Exports

Exports

_alendelon@0
_gibbon@4
_gifgeek@8
_odekolon@4

Sections

.text
Size: 222KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 675KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d10a8638b211d5dc69b0ecc2a3215cd4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 222KB - Virtual size: 222KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 6KB - Virtual size: 675KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 222KB - Virtual size: 222KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 6KB - Virtual size: 675KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 8KB - Virtual size: 8KB