434673e338fe37487135754c5b6b1cb9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

434673e338fe37487135754c5b6b1cb9_JaffaCakes118
Size

981KB
MD5

434673e338fe37487135754c5b6b1cb9
SHA1

efe477fbebb14796ebbcae12eb20176a0bfbbba1
SHA256

a0393722f60274f38fbf26e2385424c0e7e52c67eafe5be4011ed1edcfcf10cf
SHA512

19f618e7f67393ed70f2f8e1cfda75b59a8a8779d28f217fae1989c3c3fdf7392550691533bd9854e3ec784aed04ff6b8e12d2c421992d61f493de239b7972b6
SSDEEP

24576:x8GuqIDuPCAI+AaSfkRaApb6S64o0I3+/38s:xTID0CqAhk76Sxo0y+/M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
434673e338fe37487135754c5b6b1cb9_JaffaCakes118

Files

434673e338fe37487135754c5b6b1cb9_JaffaCakes118
.exe windows:6 windows x86 arch:x86

f56e6b7b1e7edddf468836d32c832cbf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Work\facebook\database\Release\DiskScan.pdb

Imports

kernel32

LoadLibraryW
GetProcAddress
GetShortPathNameA
MultiByteToWideChar
WideCharToMultiByte
GetConsoleCP
AreFileApisANSI
ReadFile
TryEnterCriticalSection
HeapCreate
HeapFree
EnterCriticalSection
GetFullPathNameW
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
WaitForSingleObject
CreateFileW
GetFileAttributesW
GetCurrentThreadId
UnmapViewOfFile
HeapValidate
HeapSize
Sleep
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetLastError
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
DeleteFileA
DeleteFileW
HeapReAlloc
CloseHandle
GetSystemInfo
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
LocalFree
LockFileEx
GetFileSize
DeleteCriticalSection
GetCurrentProcessId
GetProcessHeap
SystemTimeToFileTime
FreeLibrary
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
EncodePointer
DecodePointer
GetCPInfo
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
SetEvent
ResetEvent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwind
InterlockedPushEntrySList
RaiseException
LoadLibraryExW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetModuleFileNameA
GetStdHandle
GetCommandLineA
GetCommandLineW
GetACP
SetFilePointerEx
GetFileType
GetConsoleMode
ReadConsoleW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetStdHandle
WriteConsoleW

Sections

.text
Size: 825KB - Virtual size: 825KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ddatt
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f56e6b7b1e7edddf468836d32c832cbf

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Sections

.text Size: 825KB - Virtual size: 825KB

.rdata Size: 118KB - Virtual size: 117KB

.data Size: 8KB - Virtual size: 15KB

.ddatt Size: 512B - Virtual size: 40B

.rsrc Size: 1024B - Virtual size: 976B

.reloc Size: 27KB - Virtual size: 26KB

.text
Size: 825KB - Virtual size: 825KB

.rdata
Size: 118KB - Virtual size: 117KB

.data
Size: 8KB - Virtual size: 15KB

.ddatt
Size: 512B - Virtual size: 40B

.rsrc
Size: 1024B - Virtual size: 976B

.reloc
Size: 27KB - Virtual size: 26KB