efe92ca1be0addb4fc98740c3433e6b8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

efe92ca1be0addb4fc98740c3433e6b8_JaffaCakes118
Size

615KB
MD5

efe92ca1be0addb4fc98740c3433e6b8
SHA1

571ce44d048685634d3c80254fbd05f6951bf35b
SHA256

fe7c9093446f4bdd5cf993e91b0a6c42780cfac8d4d71dfdbb3c565e633f767f
SHA512

b6fbf86607ba6aa648b29c74bb3fef34c32894c1aa7bdf79aad0849572f74199528b2c58e3a550897b0805745cb38bf3b4da59dc0d2adb216bc6e29918cf5449
SSDEEP

12288:MIWNUtkWj/SVSuArvtADZv3ElWnVuL9h1pBQG2Rb6Ftr9roPr:oUt1j/n91A1vLnVuLDBIpyV9ro

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
efe92ca1be0addb4fc98740c3433e6b8_JaffaCakes118

Files

efe92ca1be0addb4fc98740c3433e6b8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0bf74f4f09ed29bdffcbd9f44432dc97

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\rexocilivutuhaluloki lamurifif.pdb

Imports

kernel32

ReadConsoleA
GetProcAddress
LoadLibraryA
GetTempPathW
IsProcessorFeaturePresent
GetSystemDirectoryA
WaitForMultipleObjects
GetTapeParameters
EnumTimeFormatsW
TzSpecificLocalTimeToSystemTime
VerifyVersionInfoW
GetModuleHandleW
LocalAlloc
GetConsoleAliasExesLengthW
FindClose
GetTickCount
GetLongPathNameW
GetLastError
HeapFree
HeapAlloc
GetCommandLineW
HeapSetInformation
GetStartupInfoW
CloseHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
TerminateProcess
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
FatalAppExitA
HeapCreate
HeapDestroy
ExitProcess
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetStdHandle
Sleep
RtlUnwind
SetFilePointer
WriteConsoleW
MultiByteToWideChar
RaiseException
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryW
GetLocaleInfoW
HeapReAlloc
CreateFileW
GetStringTypeW
LCMapStringW
HeapSize
ReadFile
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale

advapi32

RegQueryInfoKeyW
OpenBackupEventLogA
CloseEventLog
ReportEventA
SetFileSecurityA

Sections

.text
Size: 502KB - Virtual size: 501KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cawoc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0bf74f4f09ed29bdffcbd9f44432dc97

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

Sections

.text Size: 502KB - Virtual size: 501KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 7KB - Virtual size: 5.0MB

.tls Size: 512B - Virtual size: 9B

.cawoc Size: 1024B - Virtual size: 1024B

.rsrc Size: 53KB - Virtual size: 52KB

.reloc Size: 18KB - Virtual size: 17KB

.text
Size: 502KB - Virtual size: 501KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 7KB - Virtual size: 5.0MB

.tls
Size: 512B - Virtual size: 9B

.cawoc
Size: 1024B - Virtual size: 1024B

.rsrc
Size: 53KB - Virtual size: 52KB

.reloc
Size: 18KB - Virtual size: 17KB