JaffaCakes118_7e8c908350a3cc5290846a2fc29f82f87d92f2ab391cfda9052facd690640e58

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_7e8c908350a3cc5290846a2fc29f82f87d92f2ab391cfda9052facd690640e58
Size

957KB
MD5

7207fa9a4d34f565d145806e433a58cb
SHA1

a381f5e346112b19e559b9e4a9b3986017c847ff
SHA256

7e8c908350a3cc5290846a2fc29f82f87d92f2ab391cfda9052facd690640e58
SHA512

ff8cdc3bf58ca44a0c14175ea9935fd1253c8271d97fdfe5711b1eea7350323813b2430ae9eaf2f85c7e7f5b5529802cc65f749b1c3014516ecfc933dfae4234
SSDEEP

24576:AbNojCNKnoyEtPZ9Z0WeUnZ0WelLkzjF+4+LkzjF+4:tutbZ0WeUnZ0WelLkzjFALkzjF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_7e8c908350a3cc5290846a2fc29f82f87d92f2ab391cfda9052facd690640e58

Files

JaffaCakes118_7e8c908350a3cc5290846a2fc29f82f87d92f2ab391cfda9052facd690640e58
.exe windows:0 windows x86 arch:x86

1b20e823590a65ad6d345c463b7a7297

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_SYSTEM
IMAGE_FILE_UP_SYSTEM_ONLY

Imports

kernel32

ExitProcess
GetCommandLineW
GetTempFileNameW
SetVolumeLabelA
SetFilePointer
WritePrivateProfileStructA
SetLocalTime
DebugActiveProcessStop
GetNumberOfConsoleInputEvents
BuildCommDCBAndTimeoutsA
DeleteVolumeMountPointA
SetConsoleActiveScreenBuffer
WritePrivateProfileSectionA
CreateJobObjectW
WaitForSingleObject
WriteConsoleInputA
SetComputerNameW
GetSystemDefaultLCID
SetTapeParameters
GetProcessPriorityBoost
IsBadReadPtr
EnumTimeFormatsW
GetUserDefaultLangID
SetCommState
GetDriveTypeA
TlsSetValue
FindResourceExA
GlobalAlloc
SetSystemTimeAdjustment
SetConsoleCP
HeapDestroy
GlobalFlags
SetConsoleMode
GetFileAttributesW
MulDiv
WriteConsoleW
GetBinaryTypeA
SetSystemPowerState
LocalHandle
GetTimeZoneInformation
GetOverlappedResult
GetACP
lstrlenW
RaiseException
DeactivateActCtx
GetPrivateProfileIntW
GetConsoleOutputCP
VerifyVersionInfoW
InterlockedExchange
GetStdHandle
FreeLibraryAndExitThread
OpenMutexW
GetLastError
SetLastError
GetProcAddress
VirtualAlloc
CreateNamedPipeA
EnterCriticalSection
SearchPathA
SetFileApisToOEM
GetAtomNameA
LoadLibraryA
OpenThread
ProcessIdToSessionId
MoveFileA
IsSystemResumeAutomatic
SetConsoleDisplayMode
GetProfileStringA
GetCurrentConsoleFont
SetCommMask
GetPrivateProfileStructA
WaitForMultipleObjects
GetPrivateProfileSectionNamesA
RequestWakeupLatency
GetCurrentDirectoryA
GetConsoleCursorInfo
ScrollConsoleScreenBufferA
OpenSemaphoreW
GetVersionExA
WriteFileEx
AddConsoleAliasA
GetSystemTime
GetProfileSectionW
CopyFileExA
AreFileApisANSI
GetVolumeInformationW
lstrcpyA
WideCharToMultiByte
DeleteFileA
EncodePointer
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
GetOEMCP
GetCPInfo
IsValidCodePage
TlsAlloc
TlsGetValue
GetCurrentThreadId
TlsFree
GetModuleHandleW
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
SetStdHandle
GetFileType
WriteFile
GetConsoleCP
GetConsoleMode
HeapValidate
IsProcessorFeaturePresent
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
DeleteCriticalSection
HeapCreate
OutputDebugStringA
OutputDebugStringW
LoadLibraryW
RtlUnwind
LCMapStringW
MultiByteToWideChar
GetStringTypeW
HeapAlloc
HeapReAlloc
HeapSize
HeapQueryInformation
HeapFree
CreateFileW
CloseHandle
FlushFileBuffers
ReadFile

user32

GetAncestor

Exports

Exports

_futurama@4
_getArchiveInfo@8

Sections

.text
Size: 249KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 193B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.debug
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.00cfg
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ndata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ndata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ndata
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.debug
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b20e823590a65ad6d345c463b7a7297

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 249KB - Virtual size: 248KB

.rdata Size: 45KB - Virtual size: 45KB

.data Size: 20KB - Virtual size: 40KB

.tls Size: 512B - Virtual size: 193B

.rsrc Size: 39KB - Virtual size: 38KB

.bss Size: 9KB - Virtual size: 9KB

.bss Size: 1KB - Virtual size: 1KB

.debug Size: 146KB - Virtual size: 146KB

.00cfg Size: 165KB - Virtual size: 165KB

.ndata Size: 512B - Virtual size: 512B

.ndata Size: 37KB - Virtual size: 37KB

.itext Size: 3KB - Virtual size: 3KB

.ndata Size: 165KB - Virtual size: 165KB

.bss Size: 37KB - Virtual size: 37KB

.debug Size: 37KB - Virtual size: 37KB

.text
Size: 249KB - Virtual size: 248KB

.rdata
Size: 45KB - Virtual size: 45KB

.data
Size: 20KB - Virtual size: 40KB

.tls
Size: 512B - Virtual size: 193B

.rsrc
Size: 39KB - Virtual size: 38KB

.bss
Size: 9KB - Virtual size: 9KB

.bss
Size: 1KB - Virtual size: 1KB

.debug
Size: 146KB - Virtual size: 146KB

.00cfg
Size: 165KB - Virtual size: 165KB

.ndata
Size: 512B - Virtual size: 512B

.ndata
Size: 37KB - Virtual size: 37KB

.itext
Size: 3KB - Virtual size: 3KB

.ndata
Size: 165KB - Virtual size: 165KB

.bss
Size: 37KB - Virtual size: 37KB

.debug
Size: 37KB - Virtual size: 37KB