1b7dbf198800af119607b4fd81e60e59_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1b7dbf198800af119607b4fd81e60e59_JaffaCakes118
Size

10.5MB
MD5

1b7dbf198800af119607b4fd81e60e59
SHA1

f68c015bad7ec31ee18d4e097931511f329d59fc
SHA256

4119098cb2c53b1fc2619b83c3eecee5e07dfda7c9e6734fd145721fad15cf65
SHA512

a432c931059746150d0072a212d102352640de6f8e81624b9549e7dd1f3883b14f71c549312af5bf24f0038ba23f43163d43057922cdf0ebb3b28e567ba9c9c9
SSDEEP

6144:frxbJOIoKZyaaUo9t+m7c74mOGjZP6NEpTvBzRxkac1B:jF/ZyaaUk+m7c7ZRiNEpTGa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b7dbf198800af119607b4fd81e60e59_JaffaCakes118

Files

1b7dbf198800af119607b4fd81e60e59_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bb2ce1e2182a201f95af251a96da1408

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\xuzukenol\bewegeg-nejogifafigi 69\wetirosamo_hog\bul\k.pdb

Imports

kernel32

FileTimeToDosDateTime
HeapReAlloc
GetNativeSystemInfo
CopyFileExW
TlsGetValue
GetStringTypeA
CallNamedPipeA
InterlockedIncrement
GetCommState
ReadConsoleA
GetNamedPipeHandleStateA
CreateDirectoryW
GlobalLock
SetHandleInformation
GetProfileStringW
GetProfileSectionA
CancelWaitableTimer
FreeEnvironmentStringsA
GetPrivateProfileStringW
GetCommandLineA
GlobalAlloc
LoadLibraryW
TerminateThread
GetSystemWindowsDirectoryA
VerifyVersionInfoA
EnumResourceLanguagesA
IsDBCSLeadByte
GetCompressedFileSizeA
GetSystemDirectoryA
lstrlenW
SetThreadPriority
GetStartupInfoW
WritePrivateProfileStringW
GetPrivateProfileIntW
InterlockedExchange
GetStartupInfoA
GetStdHandle
GetCPInfoExW
GetLastError
GetThreadLocale
GetProcAddress
EnterCriticalSection
CreateMemoryResourceNotification
DisableThreadLibraryCalls
LoadLibraryA
FindAtomA
SetSystemTime
GetOEMCP
Process32NextW
FindNextFileA
WriteProfileStringA
GetModuleHandleA
FreeEnvironmentStringsW
GetCurrentDirectoryA
GetCurrentThreadId
LocalSize
UnregisterWaitEx
LCMapStringW
GetVolumeInformationW
HeapValidate
IsBadReadPtr
RaiseException
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
InterlockedDecrement
RtlUnwind
GetACP
GetCPInfo
IsValidCodePage
GetModuleHandleW
TlsAlloc
TlsSetValue
TlsFree
SetLastError
DeleteCriticalSection
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
ExitProcess
GetModuleFileNameA
GetEnvironmentStrings
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
HeapFree
VirtualFree
WriteFile
HeapAlloc
HeapSize
VirtualAlloc
DebugBreak
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
MultiByteToWideChar
GetStringTypeW
GetLocaleInfoA
LCMapStringA
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointer
CloseHandle
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
CreateFileA

winhttp

WinHttpWriteData

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10.2MB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb2ce1e2182a201f95af251a96da1408

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

winhttp

Sections

.text Size: 117KB - Virtual size: 117KB

.rdata Size: 34KB - Virtual size: 34KB

.data Size: 68KB - Virtual size: 124KB

.rsrc Size: 64KB - Virtual size: 64KB

.reloc Size: 10.2MB - Virtual size: 13KB

.text
Size: 117KB - Virtual size: 117KB

.rdata
Size: 34KB - Virtual size: 34KB

.data
Size: 68KB - Virtual size: 124KB

.rsrc
Size: 64KB - Virtual size: 64KB

.reloc
Size: 10.2MB - Virtual size: 13KB