feb50dd5b8d8a14ca5d84cff8c0eec50_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

feb50dd5b8d8a14ca5d84cff8c0eec50_JaffaCakes118
Size

276KB
MD5

feb50dd5b8d8a14ca5d84cff8c0eec50
SHA1

603b4747bba5ce35ac594edb42599d0568214b86
SHA256

bea28946d2ca3be7a795a3d55deeb037c033c4543a220a2d24b4be9ab13eb57d
SHA512

76dcd9eb31bf700a93204d7eb67ba5825cd46d7567ddc3e70009d9e88d49b916769ac09dac9c75e5602a4335936b8a404852726bf7d5017e362a8c319d0329ef
SSDEEP

6144:7lqW2DUmIkMva9CtrnpH7bxnI6MFX7WmSAGJ7oqx/V:hU/0a9urpP66UrrSAM1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
feb50dd5b8d8a14ca5d84cff8c0eec50_JaffaCakes118

Files

feb50dd5b8d8a14ca5d84cff8c0eec50_JaffaCakes118
.exe windows:4 windows x86 arch:x86

42b477c9cded39822281730b899be6f1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Ytafexa\Osiracigy\Eqytymukoc\Ozusifobe\Cahogafi\Azujomihi\Pymekysixo\Wahuqa\Suficogef\Ulypygukoq\Emuhucuqih.pdb

Imports

user32

PostMessageA
InvalidateRect
OpenClipboard
ValidateRect
BeginPaint
DestroyMenu
GetSystemMetrics
MapWindowPoints

ole32

CoRevokeClassObject
OleUninitialize
CoInitialize
OleInitialize

loadperf

InstallPerfDllA

lz32

LZStart
CopyLZFile
LZOpenFileA
LZRead
LZClose
LZDone
LZInit
LZSeek

kernel32

GetCurrentThreadId
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
ReadFile
SetEndOfFile
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetTimeZoneInformation
CreateFileA
FlushFileBuffers
SetStdHandle
GetOEMCP
GetACP
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetCPInfo
WriteConsoleW
VirtualProtect
LoadLibraryA
GetSystemInfo
ExpandEnvironmentStringsA
GetVolumeInformationA
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
HeapFree
HeapReAlloc
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersionExA
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
TlsAlloc
SetLastError
GetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
CloseHandle
WriteFile
SetFilePointer
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
InitializeCriticalSection
RtlUnwind
HeapSize
InterlockedExchange
VirtualQuery
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
GetTimeFormatA
GetDateFormatA

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 377KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

42b477c9cded39822281730b899be6f1

Headers

File Characteristics

PDB Paths

Imports

user32

ole32

loadperf

lz32

kernel32

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 140KB - Virtual size: 377KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 140KB - Virtual size: 377KB