13974a0f994a3a40a83d015a6c8b12da_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

13974a0f994a3a40a83d015a6c8b12da_JaffaCakes118
Size

13.0MB
MD5

13974a0f994a3a40a83d015a6c8b12da
SHA1

0139893ab4719393dc705cd6608e166834257bd4
SHA256

b84bb080a22f994873d4d2cf98537682949325dfc95364266bf52faebc8e37ef
SHA512

36856916e980c28f088937a846f5ca995f0245101da9e07a898aa9f7d3d870e56a492441cee1a2942857525e71c7ae34b7d79abc0a8d1b93d315ff6b41d1b14f
SSDEEP

196608:p1hCVMRT/mEb3nwvDPTZTIbcHVSG7FwuZXZd:rhCIb3wrPObcHJ7jpd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
13974a0f994a3a40a83d015a6c8b12da_JaffaCakes118

Files

13974a0f994a3a40a83d015a6c8b12da_JaffaCakes118
.exe windows:5 windows x86 arch:x86

08b2b759e2fdb8f29e60c592875ae04b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleW
GetSystemPowerStatus
DeleteVolumeMountPointW
GetDefaultCommConfigW
CreateMutexW
GetStdHandle
InterlockedDecrement
SetSystemTimeAdjustment
FileTimeToSystemTime
GetNamedPipeHandleStateW
CallNamedPipeW
EnumResourceNamesW
BuildCommDCBAndTimeoutsA
EnterCriticalSection
DebugSetProcessKillOnExit
EnumTimeFormatsW
TlsSetValue
GetACP
WriteFile
GetCurrentActCtx
ReleaseActCtx
AddRefActCtx
GetHandleInformation
OpenFile
VerifyVersionInfoA
GetVersionExA
FreeLibrary
LoadLibraryExW
GetComputerNameA
CommConfigDialogA
VirtualProtect
GetProcessPriorityBoost
LoadLibraryW
GlobalAlloc
SetEndOfFile
CancelWaitableTimer
GetCurrentDirectoryW
VirtualFree
GetCommMask
HeapFree
RaiseException
GetBinaryTypeA
GlobalSize
SetConsoleMode
GetLargestConsoleWindowSize
WriteConsoleInputW
OpenMutexW
SetThreadContext
AddAtomW
FindVolumeMountPointClose
GetSystemTime
GetCommandLineA
SetLocalTime
GetSystemTimeAsFileTime
DisconnectNamedPipe
SetConsoleCursorInfo
TerminateProcess
GetFileAttributesW
GetLastError
lstrlenA
CompareStringW
CompareStringA
lstrcpyA
CreateJobObjectW
RtlUnwind
GetStartupInfoA
HeapAlloc
LeaveCriticalSection
SetHandleCount
GetFileType
DeleteCriticalSection
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcAddress
GetModuleHandleA
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetCurrentThread
Sleep
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
FatalAppExitA
VirtualAlloc
HeapReAlloc
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetOEMCP
IsValidCodePage
MultiByteToWideChar
HeapSize
SetConsoleCtrlHandler
InterlockedExchange
LoadLibraryA
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
ReadFile
SetFilePointer
GetLocaleInfoW
CloseHandle
WriteConsoleA
GetConsoleOutputCP
SetStdHandle
GetTimeZoneInformation
CreateFileA
SetEnvironmentVariableA

user32

GetComboBoxInfo

advapi32

ClearEventLogW

Sections

.ypedrz
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.lugeuj
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ymgpsn
Size: 325KB - Virtual size: 4.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dhkbqp
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nv_fatb
Size: 1024KB - Virtual size: 1024KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.afsdhl
Size: 1024KB - Virtual size: 1024KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 1024KB - Virtual size: 1024KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.srllyh
Size: 1024KB - Virtual size: 1024KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sopnqc
Size: 1024KB - Virtual size: 1024KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 1024KB - Virtual size: 1024KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024KB - Virtual size: 1024KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1024KB - Virtual size: 1024KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lpibuj
Size: 1024KB - Virtual size: 1024KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.viubwt
Size: 1024KB - Virtual size: 1024KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024KB - Virtual size: 1024KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024KB - Virtual size: 1024KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

08b2b759e2fdb8f29e60c592875ae04b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.ypedrz Size: 160KB - Virtual size: 160KB

.lugeuj Size: 18KB - Virtual size: 18KB

.ymgpsn Size: 325KB - Virtual size: 4.3MB

.dhkbqp Size: 13KB - Virtual size: 13KB

.nv_fatb Size: 1024KB - Virtual size: 1024KB

.afsdhl Size: 1024KB - Virtual size: 1024KB

.rodata Size: 1024KB - Virtual size: 1024KB

.srllyh Size: 1024KB - Virtual size: 1024KB

.sopnqc Size: 1024KB - Virtual size: 1024KB

.text Size: 1024KB - Virtual size: 1024KB

.rsrc Size: 1024KB - Virtual size: 1024KB

.rdata Size: 1024KB - Virtual size: 1024KB

.lpibuj Size: 1024KB - Virtual size: 1024KB

.viubwt Size: 1024KB - Virtual size: 1024KB

.data Size: 1024KB - Virtual size: 1024KB

.pdata Size: 1024KB - Virtual size: 1024KB

.ypedrz
Size: 160KB - Virtual size: 160KB

.lugeuj
Size: 18KB - Virtual size: 18KB

.ymgpsn
Size: 325KB - Virtual size: 4.3MB

.dhkbqp
Size: 13KB - Virtual size: 13KB

.nv_fatb
Size: 1024KB - Virtual size: 1024KB

.afsdhl
Size: 1024KB - Virtual size: 1024KB

.rodata
Size: 1024KB - Virtual size: 1024KB

.srllyh
Size: 1024KB - Virtual size: 1024KB

.sopnqc
Size: 1024KB - Virtual size: 1024KB

.text
Size: 1024KB - Virtual size: 1024KB

.rsrc
Size: 1024KB - Virtual size: 1024KB

.rdata
Size: 1024KB - Virtual size: 1024KB

.lpibuj
Size: 1024KB - Virtual size: 1024KB

.viubwt
Size: 1024KB - Virtual size: 1024KB

.data
Size: 1024KB - Virtual size: 1024KB

.pdata
Size: 1024KB - Virtual size: 1024KB