cd066b6a5ec5e3510a4e76e4c6977865_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

cd066b6a5ec5e3510a4e76e4c6977865_JaffaCakes118
Size

3.7MB
MD5

cd066b6a5ec5e3510a4e76e4c6977865
SHA1

398b7507a8268e128cc74fce03df67f17f397a02
SHA256

659f1486ab445970a9f8516268293284d768175bf168cfe707ec44a67a2939e9
SHA512

7a0b63f9e13abe4463906f4b4ab011bffabbb188bd42e634b388886c287e9474171fa156f6e3b4b59a14e6d892dbcc02e1bf8cd0479d44fb88d7ea63873ccb22
SSDEEP

98304:esvSE5s9OymGQhl5WAIfOZnlo44NiNZnBj5OOC3:bvSfaHPIfOB4Nmj5ZC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cd066b6a5ec5e3510a4e76e4c6977865_JaffaCakes118

Files

cd066b6a5ec5e3510a4e76e4c6977865_JaffaCakes118
.exe windows:5 windows x86 arch:x86

22169d782a111d5b504fecafbdb98d29

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalUnlock
SetDefaultCommConfigA
lstrlenA
WritePrivateProfileStructA
SetLocalTime
GetNumberOfConsoleInputEvents
FindResourceExW
CallNamedPipeA
LoadLibraryExW
ReadConsoleA
InterlockedDecrement
CompareFileTime
CreateJobObjectW
GetUserDefaultLCID
InterlockedCompareExchange
OpenSemaphoreA
FreeEnvironmentStringsA
_lclose
SetTapeParameters
GetProcessPriorityBoost
CreateNamedPipeW
GetSystemTimeAsFileTime
WriteFile
TlsSetValue
LoadLibraryW
Sleep
DeleteVolumeMountPointW
IsDBCSLeadByte
lstrcatA
SetThreadPriority
DisconnectNamedPipe
DeactivateActCtx
GetLastError
GetProcAddress
BeginUpdateResourceW
SetVolumeLabelW
WriteProfileSectionA
IsValidCodePage
EnterCriticalSection
_hwrite
LoadLibraryA
WriteConsoleA
LocalAlloc
TransmitCommChar
SetCurrentDirectoryW
SetFileApisToANSI
GetTapeParameters
WaitForMultipleObjects
GetPrivateProfileSectionNamesA
GetOEMCP
EnumDateFormatsA
GetCommTimeouts
CreateMutexA
RequestWakeupLatency
GetVersionExA
LocalSize
lstrcpyA
GetCommandLineA
GetStartupInfoA
SetUnhandledExceptionFilter
GetModuleHandleW
ExitProcess
GetStdHandle
GetModuleFileNameA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
HeapAlloc
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetModuleHandleA
RaiseException

Exports

Exports

_geek@8
_gekelberifin@8

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ratobe
Size: 512B - Virtual size: 357B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yituhip
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

22169d782a111d5b504fecafbdb98d29

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 3.7MB - Virtual size: 3.7MB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 3.3MB

.ratobe Size: 512B - Virtual size: 357B

.yituhip Size: 1024B - Virtual size: 4KB

.rsrc Size: 15KB - Virtual size: 23KB

.text
Size: 3.7MB - Virtual size: 3.7MB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 3.3MB

.ratobe
Size: 512B - Virtual size: 357B

.yituhip
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 15KB - Virtual size: 23KB