JaffaCakes118_44b3e8ec1db4407ffbd084add8a1311063b712490150f61987c8a7a35ec75142

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_44b3e8ec1db4407ffbd084add8a1311063b712490150f61987c8a7a35ec75142
Size

4.4MB
MD5

c7c0907a05c15a107b4f318f80a3c8e8
SHA1

6f13303923856d1c924f89bb30aed20b68a9400c
SHA256

44b3e8ec1db4407ffbd084add8a1311063b712490150f61987c8a7a35ec75142
SHA512

d23a1da360188997bcb37b9600d95128038929dcf1770235c102f8b7ebe2c8b150f0e4bd451f460d43e6663c1ffc0a78c074b316543644599f3c2c2db40883c5
SSDEEP

98304:hv1Ien0lEuPLzWdMA0ZHlBWxO9ujyb1U6h3K:34kMAYl8xO9cwK

Score

1^/10

Malware Config

Signatures

Files

JaffaCakes118_44b3e8ec1db4407ffbd084add8a1311063b712490150f61987c8a7a35ec75142
.exe windows:5 windows x86 arch:x86

2617ed69d5fa8c0972283727d551e89d

Code Sign

52:a4:73:01:ec:5f:fc:cf:01:03:e1:ba:5b:7a:8e:7d
Certificate

Issuer

POSTALCODE=10051

Not Before

01-09-2021 19:01

Not After

01-09-2022 19:01

Subject

POSTALCODE=10051

45:8d:c3:1e:56:d6:7f:ce:41:76:42:31:ff:1e:ab:a5:0b:c8:8d:e4:cf:02:f9:ed:a2:a0:c4:b0:1e:a6:7e:0a
Signer

Actual PE Digest

45:8d:c3:1e:56:d6:7f:ce:41:76:42:31:ff:1e:ab:a5:0b:c8:8d:e4:cf:02:f9:ed:a2:a0:c4:b0:1e:a6:7e:0a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\gasavowozud zoduk_kuseyo.pdb

Imports

kernel32

SetLocalTime
InterlockedIncrement
ReadConsoleA
InterlockedDecrement
GetCurrentProcess
GetSystemWindowsDirectoryW
SetEnvironmentVariableW
GetEnvironmentStringsW
GetUserDefaultLCID
WaitForSingleObject
AddConsoleAliasW
SetVolumeMountPointW
EnumCalendarInfoExW
WriteFile
GetUserDefaultLangID
GetEnvironmentStrings
GlobalAlloc
SwitchToFiber
WriteConsoleOutputA
LeaveCriticalSection
PulseEvent
FindNextVolumeW
VerifyVersionInfoA
HeapQueryInformation
GetModuleFileNameW
GetACP
LCMapStringA
GetConsoleOutputCP
GetProcAddress
GetComputerNameExW
VerLanguageNameA
CreateTimerQueueTimer
HeapUnlock
GetDefaultCommConfigA
GetModuleHandleA
QueueUserWorkItem
GetConsoleTitleW
PeekConsoleInputA
GetCPInfoExA
EndUpdateResourceA
GetVersionExA
ReadConsoleInputW
lstrcpynW
GetCommandLineW
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError
HeapFree
TerminateProcess
IsDebuggerPresent
GetStartupInfoW
RtlUnwind
RaiseException
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetCPInfo
GetModuleHandleW
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapAlloc
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
HeapSize
FreeEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetOEMCP
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
CloseHandle
WriteConsoleA
WriteConsoleW
SetStdHandle
CreateFileA

user32

RealGetWindowClassW

Sections

.text
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 29.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2617ed69d5fa8c0972283727d551e89d

Code Sign

52:a4:73:01:ec:5f:fc:cf:01:03:e1:ba:5b:7a:8e:7dCertificate

45:8d:c3:1e:56:d6:7f:ce:41:76:42:31:ff:1e:ab:a5:0b:c8:8d:e4:cf:02:f9:ed:a2:a0:c4:b0:1e:a6:7e:0aSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

Sections

.text Size: 4.3MB - Virtual size: 4.3MB

.rdata Size: 22KB - Virtual size: 21KB

.data Size: 8KB - Virtual size: 29.1MB

.rsrc Size: 83KB - Virtual size: 83KB

52:a4:73:01:ec:5f:fc:cf:01:03:e1:ba:5b:7a:8e:7d
Certificate

45:8d:c3:1e:56:d6:7f:ce:41:76:42:31:ff:1e:ab:a5:0b:c8:8d:e4:cf:02:f9:ed:a2:a0:c4:b0:1e:a6:7e:0a
Signer

.text
Size: 4.3MB - Virtual size: 4.3MB

.rdata
Size: 22KB - Virtual size: 21KB

.data
Size: 8KB - Virtual size: 29.1MB

.rsrc
Size: 83KB - Virtual size: 83KB