afb55114359ee01297cf0c035ec866aa_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

afb55114359ee01297cf0c035ec866aa_JaffaCakes118
Size

139KB
MD5

afb55114359ee01297cf0c035ec866aa
SHA1

9ca46e4557106c45f4ab47bab2bee362781d64b8
SHA256

d2b0b440c322cb56d1c59843f33a7da019aec37a0184940a7f11c9cb10cd1374
SHA512

47a34dfd8c4262b705ac3a2dc2a81f9c508daa8bda1fa00290ef911bd284174e4c83569edab3860c6cb4970fccd2f16e8519631682f068bd316379393b23d5dd
SSDEEP

3072:jekBgsw2pqCx3D3P/iIlApzHMREfAO7QIH39BEkqieGhl:rgqsCRjirtMRiAO8IH3PBeOl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
afb55114359ee01297cf0c035ec866aa_JaffaCakes118

Files

afb55114359ee01297cf0c035ec866aa_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4865f9e3486dbadc0c89e2df543d7757

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\git\qtools\winbuild\Release\qwdirect.pdb

Imports

kernel32

WideCharToMultiByte
MultiByteToWideChar
CreateFileA
GetCommState
GetTickCount
WriteFile
SetCommState
SetCommTimeouts
ReadFile
FlushFileBuffers
PurgeComm
CloseHandle
EncodePointer
DecodePointer
GetLastError
InterlockedDecrement
ExitProcess
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
EnterCriticalSection
LeaveCriticalSection
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
GetStdHandle
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetStartupInfoW
RtlUnwind
HeapFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
GetModuleFileNameW
Sleep
LoadLibraryExW
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointer
SetFilePointerEx
GetCurrentThreadId
GetProcessHeap
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
OutputDebugStringW
LoadLibraryW
HeapSize
HeapAlloc
HeapReAlloc
CompareStringW
LCMapStringW
GetStringTypeW
WriteConsoleW
SetEnvironmentVariableA
CreateFileW
SetEndOfFile

Sections

.text
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4865f9e3486dbadc0c89e2df543d7757

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Sections

.text Size: 70KB - Virtual size: 69KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 4KB - Virtual size: 57KB

.rsrc Size: 1024B - Virtual size: 648B

.reloc Size: 37KB - Virtual size: 40KB

.text
Size: 70KB - Virtual size: 69KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 4KB - Virtual size: 57KB

.rsrc
Size: 1024B - Virtual size: 648B

.reloc
Size: 37KB - Virtual size: 40KB