e36cb625293aa37390821bf199e86080_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e36cb625293aa37390821bf199e86080_JaffaCakes118
Size

647KB
MD5

e36cb625293aa37390821bf199e86080
SHA1

58e38f965e4f6f5fff569189429ed0161edd1b7f
SHA256

985225cecc47e9f5910f6770e0b7b73fa53a69b18469d112f581264c2a2f508f
SHA512

b0a4747bad07ace70a9197590d9b7c7bbfb7a947eafc82fc2648524538ceda3813745e7b7c76a499f9898a3f369c703b92766d603973bb119a935859c3cc6e15
SSDEEP

12288:hEsADzr9PXyDlWKXs/5jI6d+0zLgHYHdVSgdwPslhuwkvf41QRuTx34:hEsAPJfyDlWCc5jId0zQmdVSxwacQw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e36cb625293aa37390821bf199e86080_JaffaCakes118

Files

e36cb625293aa37390821bf199e86080_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6977b40296e173ba609cc5e89071f159

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFullPathNameW
GetFullPathNameA
HeapReAlloc
CreateFileA
GetFileSize
CreateMutexW
SetFilePointer
MapViewOfFile
UnmapViewOfFile
SetEndOfFile
FreeLibrary
HeapAlloc
SystemTimeToFileTime
SetFilePointerEx
QueryPerformanceCounter
HeapFree
WaitForSingleObject
InterlockedCompareExchange
UnlockFile
LockFile
WaitForSingleObjectEx
OutputDebugStringW
GetTickCount
UnlockFileEx
GetProcessHeap
GetSystemTimeAsFileTime
FormatMessageA
WriteFile
InitializeCriticalSection
WideCharToMultiByte
LoadLibraryW
Sleep
FormatMessageW
HeapDestroy
LeaveCriticalSection
GetFileAttributesA
HeapCreate
HeapValidate
GetFileAttributesW
ReadFile
CreateFileW
MultiByteToWideChar
FlushFileBuffers
GetTempPathW
GetLastError
GetProcAddress
HeapSize
LockFileEx
EnterCriticalSection
GetDiskFreeSpaceW
LoadLibraryA
CreateFileMappingW
GetDiskFreeSpaceA
GetSystemInfo
GetFileAttributesExW
DeleteCriticalSection
OutputDebugStringA
GetVersionExA
CloseHandle
DeleteFileW
GetCurrentProcessId
GetTempPathA
LocalFree
GetSystemTime
AreFileApisANSI
DeleteFileA
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
RtlUnwind
RaiseException
LCMapStringW
LCMapStringA
GetStringTypeW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
VirtualFree
VirtualAlloc
GetConsoleCP
GetConsoleMode
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetStringTypeA
ExitProcess
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetTimeZoneInformation
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetModuleHandleA

Sections

.text
Size: 375KB - Virtual size: 375KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.vmp0
Size: 192KB - Virtual size: 496KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6977b40296e173ba609cc5e89071f159

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 375KB - Virtual size: 375KB

.rdata Size: 53KB - Virtual size: 53KB

.data Size: 9KB - Virtual size: 18KB

.rsrc Size: 512B - Virtual size: 448B

.reloc Size: 15KB - Virtual size: 14KB

.vmp0 Size: 192KB - Virtual size: 496KB

.text
Size: 375KB - Virtual size: 375KB

.rdata
Size: 53KB - Virtual size: 53KB

.data
Size: 9KB - Virtual size: 18KB

.rsrc
Size: 512B - Virtual size: 448B

.reloc
Size: 15KB - Virtual size: 14KB

.vmp0
Size: 192KB - Virtual size: 496KB