Static task
static1
Behavioral task
behavioral1
Sample
dab51c169aa4c5a634a7928e46d131d2_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
dab51c169aa4c5a634a7928e46d131d2_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
dab51c169aa4c5a634a7928e46d131d2_JaffaCakes118
Size
274KB
MD5
dab51c169aa4c5a634a7928e46d131d2
SHA1
608aee151d918bc8d2f1e15f8d1ee0bb51073260
SHA256
f76b97e11c5422f513b01f4b5f72487d7fdd518900253173a70d45b4ac0867bb
SHA512
4cc6b586806a4a2346f6035a9f36d8d4745cb30e1baaa1609c498dd364ac1b89b2ea9ecb07c3e80004653c93a07e1a50b8ae0aa4633fcd25254da961f9b3c238
SSDEEP
6144:SbPctpDSwHxcnsITqngB5ffsHpFBKvTLyzEB3:SbPSDtHxDBkZipjKuEB
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource dab51c169aa4c5a634a7928e46d131d2_JaffaCakes118
Files
dab51c169aa4c5a634a7928e46d131d2_JaffaCakes118.exe windows:4 windows x86 arch:x86
71b5e14a35366afeb7013b7f8cb9fc21
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
RaiseException
GetLastError
InitializeCriticalSection
CloseHandle
DeviceIoControl
CreateFileA
Sleep
WaitForSingleObject
CreateThread
CreateEventA
CreateProcessA
WriteFile
GetModuleFileNameA
CreateMutexA
WaitForMultipleObjects
CreateSemaphoreA
GetProcessHeap
SetLastError
ReleaseMutex
ReleaseSemaphore
LocalAlloc
SetStdHandle
SetFilePointer
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
GetLocaleInfoA
GetACP
SetEvent
InterlockedExchange
LoadLibraryA
GetFileType
LockResource
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
FreeLibrary
GetStdHandle
FlushFileBuffers
TlsGetValue
TlsSetValue
TlsFree
TlsAlloc
GetCPInfo
GetOEMCP
SetUnhandledExceptionFilter
HeapDestroy
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineA
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
LoadLibraryA
GetProcAddress
ExitProcess
LoadLibraryA
GetProcAddress
VirtualProtect
VirtualAlloc
VirtualFree
GetTempPathA
CreateFileA
WriteFile
CloseHandle
ExitProcess
LoadLibraryA
GetProcAddress
ExitProcess
ntdll
RtlDeleteCriticalSection
RtlAllocateHeap
RtlFreeHeap
RtlEnterCriticalSection
RtlLeaveCriticalSection
RtlReAllocateHeap
RtlSizeHeap
RtlUnwind
Sections
BuzzME Size: 273KB - Virtual size: 273KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE