40a22b8b25173fab796f01c5f6279cb8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

40a22b8b25173fab796f01c5f6279cb8_JaffaCakes118
Size

14.2MB
MD5

40a22b8b25173fab796f01c5f6279cb8
SHA1

2e23ee8c8f97fa749637694b0d00025800157f68
SHA256

b6cf6e78306d7eb742e4f758aad5eea3248fdd6c6243ee069e90e9c4c64c373e
SHA512

b580fee075112912c366c6f8fee223a7afb5d5e78c86989344285df35b5ebc48a072ec3a55ee5713d705dc553e907f14c7b5722e55209c23611077161c883c50
SSDEEP

6144:ArxbJOIoKZyaaUo9t+m7c74mOGjZP6NEpTvBzRxkac1B:MF/ZyaaUk+m7c7ZRiNEpTGa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40a22b8b25173fab796f01c5f6279cb8_JaffaCakes118

Files

40a22b8b25173fab796f01c5f6279cb8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bb2ce1e2182a201f95af251a96da1408

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\xuzukenol\bewegeg-nejogifafigi 69\wetirosamo_hog\bul\k.pdb

Imports

kernel32

FileTimeToDosDateTime
HeapReAlloc
GetNativeSystemInfo
CopyFileExW
TlsGetValue
GetStringTypeA
CallNamedPipeA
InterlockedIncrement
GetCommState
ReadConsoleA
GetNamedPipeHandleStateA
CreateDirectoryW
GlobalLock
SetHandleInformation
GetProfileStringW
GetProfileSectionA
CancelWaitableTimer
FreeEnvironmentStringsA
GetPrivateProfileStringW
GetCommandLineA
GlobalAlloc
LoadLibraryW
TerminateThread
GetSystemWindowsDirectoryA
VerifyVersionInfoA
EnumResourceLanguagesA
IsDBCSLeadByte
GetCompressedFileSizeA
GetSystemDirectoryA
lstrlenW
SetThreadPriority
GetStartupInfoW
WritePrivateProfileStringW
GetPrivateProfileIntW
InterlockedExchange
GetStartupInfoA
GetStdHandle
GetCPInfoExW
GetLastError
GetThreadLocale
GetProcAddress
EnterCriticalSection
CreateMemoryResourceNotification
DisableThreadLibraryCalls
LoadLibraryA
FindAtomA
SetSystemTime
GetOEMCP
Process32NextW
FindNextFileA
WriteProfileStringA
GetModuleHandleA
FreeEnvironmentStringsW
GetCurrentDirectoryA
GetCurrentThreadId
LocalSize
UnregisterWaitEx
LCMapStringW
GetVolumeInformationW
HeapValidate
IsBadReadPtr
RaiseException
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
InterlockedDecrement
RtlUnwind
GetACP
GetCPInfo
IsValidCodePage
GetModuleHandleW
TlsAlloc
TlsSetValue
TlsFree
SetLastError
DeleteCriticalSection
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
ExitProcess
GetModuleFileNameA
GetEnvironmentStrings
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
HeapFree
VirtualFree
WriteFile
HeapAlloc
HeapSize
VirtualAlloc
DebugBreak
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
MultiByteToWideChar
GetStringTypeW
GetLocaleInfoA
LCMapStringA
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointer
CloseHandle
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
CreateFileA

winhttp

WinHttpWriteData

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13.9MB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb2ce1e2182a201f95af251a96da1408

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

winhttp

Sections

.text Size: 117KB - Virtual size: 117KB

.rdata Size: 34KB - Virtual size: 34KB

.data Size: 68KB - Virtual size: 124KB

.rsrc Size: 64KB - Virtual size: 64KB

.reloc Size: 13.9MB - Virtual size: 13KB

.text
Size: 117KB - Virtual size: 117KB

.rdata
Size: 34KB - Virtual size: 34KB

.data
Size: 68KB - Virtual size: 124KB

.rsrc
Size: 64KB - Virtual size: 64KB

.reloc
Size: 13.9MB - Virtual size: 13KB