JaffaCakes118_3a708d178a751b793015717b87cae2f7076ce282b864cb8047e50c42311854f4

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_3a708d178a751b793015717b87cae2f7076ce282b864cb8047e50c42311854f4
Size

162KB
MD5

8008e02e4cb1f0e2b87288cd3d852da6
SHA1

736b356dfc29c1afdf88917c1d33372902dce93b
SHA256

3a708d178a751b793015717b87cae2f7076ce282b864cb8047e50c42311854f4
SHA512

25f1b5dc7ed852bd6f4f422f898d066a2d9e3fca85499ca87bcbc31df25070c078b36536d9c6928c5538ed391618d6a24b7295447fadff44e8e06ee720fc4e4c
SSDEEP

3072:1eETfO/YHuTuccAkkn5RkD3E98fbrt6umzkvCJ4PtJq7Z4hSTMnlAJVFNp:08Gwy2DUDG308PoumqCwtIZnVF7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/af01d12df06f34e81f3772a1b661eef4f9086a73d953ea1c92a8408c4efa2e77

Files

JaffaCakes118_3a708d178a751b793015717b87cae2f7076ce282b864cb8047e50c42311854f4
.zip
af01d12df06f34e81f3772a1b661eef4f9086a73d953ea1c92a8408c4efa2e77
.exe windows:5 windows x86 arch:x86

5a73492475df1156d8995333b14997c8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\secuyilotibap60\kala23\moxoj.pdb

Imports

kernel32

WriteProfileSectionA
GetNumaHighestNodeNumber
FindFirstVolumeA
FlushConsoleInputBuffer
HeapLock
FindFirstChangeNotificationA
WaitForSingleObject
GetNamedPipeHandleStateW
FileTimeToDosDateTime
EnumResourceTypesW
EnumResourceNamesA
GetTimeZoneInformation
TerminateThread
WaitForMultipleObjectsEx
GetVersionExW
VerifyVersionInfoW
GetConsoleOutputCP
SetEvent
FindNextFileW
CopyFileExA
BuildCommDCBAndTimeoutsW
GetConsoleAliasesLengthW
GetCompressedFileSizeA
ReadConsoleOutputCharacterA
SetDefaultCommConfigA
VerLanguageNameW
_hread
GetCommConfig
WritePrivateProfileStructW
FreeEnvironmentStringsA
CreateTimerQueue
FindVolumeClose
ResetWriteWatch
WriteConsoleInputA
SetWaitableTimer
SetComputerNameExA
FindAtomA
LoadResource
GetThreadTimes
CallNamedPipeW
VirtualProtect
GetModuleHandleA
GlobalAlloc
VerifyVersionInfoA
GlobalWire
GetProfileSectionW
GetCommandLineA
InterlockedDecrement
CopyFileA
AddRefActCtx
OutputDebugStringW
FormatMessageA
SetDllDirectoryW
SetPriorityClass
WritePrivateProfileStringA
GetUserDefaultLangID
GlobalFix
GetVersionExA
HeapValidate
InterlockedCompareExchange
GetStartupInfoW
ConnectNamedPipe
GetLastError
GetCalendarInfoA
GetComputerNameExW
SetConsoleTextAttribute
SetLastError
CopyFileW
GetCPInfoExW
GetSystemWindowsDirectoryA
GetSystemWow64DirectoryW
GetPrivateProfileSectionNamesA
ContinueDebugEvent
InterlockedExchange
GetOEMCP
GetConsoleAliasA
lstrlenA
LoadLibraryW
ReadConsoleA
WriteConsoleA
GetPrivateProfileSectionNamesW
FileTimeToSystemTime
GetSystemTimeAsFileTime
EnumCalendarInfoExW
SetThreadIdealProcessor
EnumDateFormatsExW
VerSetConditionMask
CreateConsoleScreenBuffer
GetConsoleAliasW
GetWindowsDirectoryW
GetProfileStringA
CreateIoCompletionPort
AllocConsole
GetNumaNodeProcessorMask
GetConsoleAliasExesLengthW
CreateMailslotW
GetCommState
SetThreadContext
CheckRemoteDebuggerPresent
GetSystemTimeAdjustment
_lwrite
EnumSystemLocalesW
GetConsoleAliasExesLengthA
MoveFileW
GetWriteWatch
GetModuleHandleW
GetPrivateProfileStringW
GetProfileStringW
CreateActCtxW
CreateJobSet
CancelDeviceWakeupRequest
AreFileApisANSI
OpenWaitableTimerA
OpenFileMappingW
GetProcessHandleCount
UnhandledExceptionFilter
SetProcessShutdownParameters
PeekNamedPipe
FillConsoleOutputCharacterA
FindNextVolumeMountPointA
SetThreadPriority
InitAtomTable
CreateFileA
InitializeCriticalSection
AddAtomW
WriteConsoleOutputCharacterW
GetConsoleAliasExesA
GetBinaryTypeA
DebugBreak
LoadLibraryA
SetUnhandledExceptionFilter
DeleteFileA
RaiseException
GetStartupInfoA
IsBadReadPtr
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameW
GetProcAddress
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
Sleep
InterlockedIncrement
ExitProcess
GetModuleFileNameA
WriteFile
GetStdHandle
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapDestroy
HeapCreate
HeapFree
VirtualFree
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
GetACP
GetCPInfo
IsValidCodePage
RtlUnwind
InitializeCriticalSectionAndSpinCount
OutputDebugStringA
WriteConsoleW
SetFilePointer
GetConsoleCP
GetConsoleMode
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
FlushFileBuffers
SetStdHandle
CloseHandle

gdi32

GetBitmapBits

Sections

.text
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 718KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a73492475df1156d8995333b14997c8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

gdi32

Sections

.text Size: 181KB - Virtual size: 181KB

.data Size: 70KB - Virtual size: 718KB

.rsrc Size: 23KB - Virtual size: 23KB

.reloc Size: 16KB - Virtual size: 16KB

.text
Size: 181KB - Virtual size: 181KB

.data
Size: 70KB - Virtual size: 718KB

.rsrc
Size: 23KB - Virtual size: 23KB

.reloc
Size: 16KB - Virtual size: 16KB