8f129ca0e882e49208ef4749bfaab916_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8f129ca0e882e49208ef4749bfaab916_JaffaCakes118
Size

4.0MB
MD5

8f129ca0e882e49208ef4749bfaab916
SHA1

6a44d8e9af5097a8f2fd5e9928fd1d29c483aa53
SHA256

19524f18ed92072060b9e7cb4bc49b2c8a48341f42dd981fbb9989798f1ca1fa
SHA512

d97b9a0b5d8dd80a0138eb4e33ec00be66e57f5978eb1614d05c0d60c6390a546097e454249ca207aa1f6ec04fcf2e44cdca4a84dfc5bd905f2a9d9c0991987d
SSDEEP

98304:fpvKw4l/aCvEhf/EtxpQD4x1K0hp476EtDF:f8NHEdEzy4DK0hp476I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
8f129ca0e882e49208ef4749bfaab916_JaffaCakes118

Files

8f129ca0e882e49208ef4749bfaab916_JaffaCakes118
.exe windows:5 windows x86 arch:x86

41ac4db4a26c0a45cd8489a943fa64d2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
SetEndOfFile
FreeLibrary
CallNamedPipeA
SetUnhandledExceptionFilter
InterlockedDecrement
SetEnvironmentVariableW
GetProfileSectionA
WaitForSingleObject
OpenSemaphoreA
SetTapeParameters
ReadConsoleW
SetCommState
SetProcessPriorityBoost
GetPriorityClass
ActivateActCtx
GetConsoleMode
CopyFileW
GetPrivateProfileStructW
LeaveCriticalSection
WritePrivateProfileStructW
ReadFile
lstrcatA
GetBinaryTypeW
GetACP
ExitThread
FindNextVolumeMountPointW
DisconnectNamedPipe
GetNamedPipeHandleStateW
GetStdHandle
IsDBCSLeadByteEx
GetCurrentDirectoryW
SetLastError
GetProcAddress
SetVolumeLabelW
GetConsoleDisplayMode
LoadLibraryA
LocalAlloc
BuildCommDCBAndTimeoutsW
SetCurrentDirectoryW
SetFileApisToANSI
AddAtomA
GetTapeParameters
CreateMutexA
EnumResourceNamesA
GetVersionExA
LocalFree
GetLastError
MoveFileA
GetStartupInfoW
HeapValidate
IsBadReadPtr
RaiseException
EnterCriticalSection
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
SetStdHandle
WriteFile
WideCharToMultiByte
GetConsoleCP
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleHandleW
Sleep
InterlockedIncrement
ExitProcess
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapDestroy
HeapCreate
HeapFree
VirtualFree
GetModuleFileNameA
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
GetOEMCP
GetCPInfo
IsValidCodePage
InitializeCriticalSectionAndSpinCount
DebugBreak
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
LoadLibraryW
RtlUnwind
MultiByteToWideChar
SetFilePointer
WriteConsoleA
GetConsoleOutputCP
GetModuleHandleA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
FlushFileBuffers
CreateFileA
CloseHandle

Exports

Exports

_asdasfafswery@8
_asdga@4
_every@4
_trutovik@4
_weewgg@8

Sections

.text
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 39.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 89B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41ac4db4a26c0a45cd8489a943fa64d2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 4.0MB - Virtual size: 4.0MB

.rdata Size: 45KB - Virtual size: 44KB

.data Size: 8KB - Virtual size: 39.5MB

.tls Size: 512B - Virtual size: 89B

.rsrc Size: 21KB - Virtual size: 20KB

.text
Size: 4.0MB - Virtual size: 4.0MB

.rdata
Size: 45KB - Virtual size: 44KB

.data
Size: 8KB - Virtual size: 39.5MB

.tls
Size: 512B - Virtual size: 89B

.rsrc
Size: 21KB - Virtual size: 20KB