JaffaCakes118_78a529d7e685e6ae4c78c54e7638a607abc7684bf6b165b12c67d337047ee714

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_78a529d7e685e6ae4c78c54e7638a607abc7684bf6b165b12c67d337047ee714
Size

295KB
MD5

9030655a6f62f9a680bc9469372e55fe
SHA1

fd87e7b02a3bda1a7d3c783cf24f43def0437e5f
SHA256

78a529d7e685e6ae4c78c54e7638a607abc7684bf6b165b12c67d337047ee714
SHA512

934a53e399665bffff8cf6a68fd139ed18d60c464fbc1969471a113897282353038f9daa01ccf6366b5846810d41b9fed11dec2b3d18129bc2048f3c6a4d546b
SSDEEP

6144:cQv1fCPcQsRDgQ6QucrF82jg6rhR3TN/x4ue:1dfC/igSucrFpgQhFNs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_78a529d7e685e6ae4c78c54e7638a607abc7684bf6b165b12c67d337047ee714

Files

JaffaCakes118_78a529d7e685e6ae4c78c54e7638a607abc7684bf6b165b12c67d337047ee714
.exe windows:5 windows x86 arch:x86

0932f1276da9b847f884ba256aa050f8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\lajayizanex77.pdb

Imports

kernel32

CallNamedPipeW
TerminateThread
GetExitCodeProcess
GetVersionExA
SetConsoleCP
GetConsoleAliasesLengthW
GetDefaultCommConfigW
FindFirstFileExA
GetDriveTypeW
FreeEnvironmentStringsA
SetProcessPriorityBoost
SetVolumeMountPointW
GetLongPathNameA
CopyFileW
TlsGetValue
SetConsoleCursorInfo
GlobalHandle
TzSpecificLocalTimeToSystemTime
FindAtomW
ReleaseSemaphore
GetNamedPipeHandleStateA
CreateMailslotA
BuildCommDCBAndTimeoutsA
VirtualProtect
GetModuleHandleA
LocalAlloc
TryEnterCriticalSection
TlsSetValue
GetCommandLineA
InterlockedExchange
GetCalendarInfoW
DeleteFileW
CreateActCtxA
CreateRemoteThread
SetSystemTimeAdjustment
GetPriorityClass
WritePrivateProfileStringA
GetProcessHeaps
GetProcessHeap
GlobalWire
ReadConsoleOutputCharacterW
GetStartupInfoA
GetDiskFreeSpaceExW
GetCPInfoExA
GetWindowsDirectoryW
GetSystemWow64DirectoryW
GetProfileStringW
WriteProfileSectionW
GetProfileStringA
GetLastError
GetStringTypeExA
DebugBreak
GetPrivateProfileSectionA
lstrcmpA
WriteFile
SetConsoleMode
TerminateProcess
GetThreadSelectorEntry
lstrcatA
CreateActCtxW
GetMailslotInfo
DefineDosDeviceW
EndUpdateResourceW
WriteConsoleW
GetPrivateProfileSectionW
WritePrivateProfileSectionA
GetPrivateProfileStructA
GetDriveTypeA
GetFileAttributesExW
Process32FirstW
MoveFileW
GetVolumePathNameW
GetConsoleMode
HeapLock
lstrcmpW
SetDefaultCommConfigW
FindActCtxSectionStringA
ResetEvent
GetThreadContext
MoveFileExW
GetProcAddress
GlobalLock
UnregisterWaitEx
BuildCommDCBA
PeekConsoleInputA
TransmitCommChar
WaitNamedPipeA
FindResourceExA
GetLocalTime
GetOverlappedResult
CreateSemaphoreW
SetThreadLocale
SetFileShortNameW
lstrcpyW
VerLanguageNameW
LockFile
GetConsoleAliasA
EnumDateFormatsA
GetWriteWatch
FreeEnvironmentStringsW
GetNumberOfConsoleInputEvents
WriteConsoleOutputCharacterA
GetConsoleAliasExesLengthW
GetComputerNameW
HeapFree
SetLastError
LocalReAlloc
GetCommMask
SetMessageWaitingIndicator
FindClose
CreateIoCompletionPort
AreFileApisANSI
SetWaitableTimer
EnumResourceNamesA
GetProcessHandleCount
FatalAppExitA
lstrcpynW
GetNamedPipeInfo
FillConsoleOutputCharacterW
GetCompressedFileSizeA
FindNextVolumeMountPointA
GetFullPathNameA
WriteProfileStringW
SetHandleCount
GlobalAddAtomW
TerminateJobObject
QueryDosDeviceA
InitializeCriticalSection
Process32NextW
SetCurrentDirectoryA
GetBinaryTypeA
OpenMutexW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
MoveFileA
RaiseException
GetStartupInfoW
HeapValidate
IsBadReadPtr
GetCurrentProcess
IsDebuggerPresent
GetModuleFileNameW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleW
Sleep
InterlockedIncrement
InterlockedDecrement
ExitProcess
GetModuleFileNameA
GetStdHandle
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
GetCommandLineW
TlsAlloc
TlsFree
HeapDestroy
HeapCreate
VirtualFree
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
SetFilePointer
WideCharToMultiByte
GetConsoleCP
OutputDebugStringA
OutputDebugStringW
LoadLibraryW
MultiByteToWideChar
RtlUnwind
InitializeCriticalSectionAndSpinCount
LoadLibraryA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
FlushFileBuffers
ReadFile
CreateFileA
CloseHandle

Sections

.text
Size: 238KB - Virtual size: 237KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ciy
Size: 512B - Virtual size: 5B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rib
Size: 512B - Virtual size: 75B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.til
Size: 512B - Virtual size: 234B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pujati
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0932f1276da9b847f884ba256aa050f8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Sections

.text Size: 238KB - Virtual size: 237KB

.data Size: 5KB - Virtual size: 72KB

.ciy Size: 512B - Virtual size: 5B

.rib Size: 512B - Virtual size: 75B

.til Size: 512B - Virtual size: 234B

.pujati Size: 3KB - Virtual size: 3KB

.rsrc Size: 31KB - Virtual size: 31KB

.reloc Size: 15KB - Virtual size: 14KB

.text
Size: 238KB - Virtual size: 237KB

.data
Size: 5KB - Virtual size: 72KB

.ciy
Size: 512B - Virtual size: 5B

.rib
Size: 512B - Virtual size: 75B

.til
Size: 512B - Virtual size: 234B

.pujati
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 31KB - Virtual size: 31KB

.reloc
Size: 15KB - Virtual size: 14KB