JaffaCakes118_2f09b78d9553e76cfb5f37d3b95c328c0e27492a41b053870c4cd38fe34cc313

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_2f09b78d9553e76cfb5f37d3b95c328c0e27492a41b053870c4cd38fe34cc313
Size

310KB
MD5

2c5389a25b8b4e41c9d0d9368635c66c
SHA1

0b874b47a0b5b8c971a6750d35fd1eb081ab2df8
SHA256

2f09b78d9553e76cfb5f37d3b95c328c0e27492a41b053870c4cd38fe34cc313
SHA512

43f9c4aa667fad4f1d6c31af8c0cbed18b1e66d6a0596cd04d605714813c89e621f86dd369769c8f54705b10e2b7935f1e84f0e37e64f8258c4bfc7456b86dd2
SSDEEP

6144:tSKVaczmP5HaPF4N3LnJSs0+2775wRLcacJj:tSKVaczC4PF0bJSsDVRLc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_2f09b78d9553e76cfb5f37d3b95c328c0e27492a41b053870c4cd38fe34cc313

Files

JaffaCakes118_2f09b78d9553e76cfb5f37d3b95c328c0e27492a41b053870c4cd38fe34cc313
.exe windows:5 windows x86 arch:x86

958cdf01649e018078485a04b916d901

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\barohasepuc_dohotiwera.pdb

Imports

kernel32

CallNamedPipeA
TerminateProcess
GetExitCodeProcess
GetVersionExW
SetConsoleCP
GetConsoleAliasesLengthW
GetDefaultCommConfigW
FindFirstFileExW
GetDriveTypeW
FreeEnvironmentStringsA
SetProcessPriorityBoost
SetVolumeMountPointW
GetLongPathNameA
CopyFileA
TlsGetValue
SetConsoleCursorInfo
SetComputerNameExA
TzSpecificLocalTimeToSystemTime
FindAtomW
ReleaseSemaphore
GetNamedPipeHandleStateA
CreateMailslotW
BuildCommDCBAndTimeoutsW
VirtualProtect
LoadLibraryA
LocalAlloc
TryEnterCriticalSection
TlsSetValue
GetCommandLineW
InterlockedDecrement
GetCalendarInfoA
DeleteFileW
CreateActCtxW
CreateRemoteThread
SetSystemTimeAdjustment
GetPriorityClass
WritePrivateProfileStringA
GetProcessHeaps
GetProcessHeap
GlobalWire
ReadConsoleOutputCharacterW
GetStartupInfoA
GetDiskFreeSpaceExA
GetCPInfoExW
GetWindowsDirectoryA
GetSystemWow64DirectoryW
WriteProfileSectionW
GetProfileStringA
GetLastError
DeleteVolumeMountPointA
DebugBreak
GetPrivateProfileSectionA
lstrcmpA
WriteFile
GetSystemWindowsDirectoryW
GetThreadSelectorEntry
FindCloseChangeNotification
GetTapeParameters
GetMailslotInfo
InterlockedExchange
DefineDosDeviceW
FindVolumeMountPointClose
EndUpdateResourceW
WriteConsoleW
GetSystemTimeAdjustment
GetPrivateProfileSectionW
WritePrivateProfileSectionA
GetPrivateProfileStructA
GetDriveTypeA
GetFileAttributesExW
MoveFileW
GetVolumePathNameW
HeapUnlock
lstrcmpW
SetDefaultCommConfigW
FindActCtxSectionStringA
ResetEvent
GetThreadContext
MoveFileExW
GetProcAddress
GlobalLock
UnregisterWaitEx
BuildCommDCBA
PeekConsoleInputA
GetBinaryTypeW
CreateSemaphoreW
TransmitCommChar
WaitNamedPipeA
GetPrivateProfileSectionNamesW
FindResourceExW
EnumTimeFormatsW
GetLocalTime
CreateSemaphoreA
GetConsoleMode
GetOverlappedResult
GetThreadLocale
SetFileShortNameW
lstrcpyA
VerLanguageNameW
SetThreadExecutionState
SetSystemTime
LockFile
VerSetConditionMask
GetConsoleAliasA
FlushConsoleInputBuffer
FreeConsole
GetAtomNameW
GetConsoleAliasExesLengthA
WriteConsoleInputW
TransactNamedPipe
EnumDateFormatsA
SetCommState
FileTimeToLocalFileTime
_lopen
GetConsoleAliasExesLengthW
GetWriteWatch
FreeEnvironmentStringsW
GetNumberOfConsoleInputEvents
GetModuleHandleW
WriteConsoleOutputCharacterA
HeapFree
OpenMutexW
LocalLock
GetCommMask
SetMessageWaitingIndicator
FindClose
CreateIoCompletionPort
AreFileApisANSI
CancelWaitableTimer
GetProcessHandleCount
UnregisterWait
GetProcessVersion
lstrcpynA
GetNamedPipeInfo
GetCompressedFileSizeW
FindNextVolumeMountPointA
GetFullPathNameA
WriteProfileStringW
DeleteAtom
GlobalAddAtomW
TerminateJobObject
QueryDosDeviceW
InitializeCriticalSection
Process32NextW
SetCurrentDirectoryW
GetBinaryTypeA
MoveFileA
RaiseException
GetStartupInfoW
HeapValidate
IsBadReadPtr
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameW
GetModuleHandleA
Sleep
InterlockedIncrement
ExitProcess
TlsAlloc
GetCurrentThreadId
TlsFree
SetLastError
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
GetModuleFileNameA
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
RtlUnwind
InitializeCriticalSectionAndSpinCount
OutputDebugStringA
OutputDebugStringW
LoadLibraryW
SetFilePointer
WideCharToMultiByte
GetConsoleCP
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
CreateFileA
CloseHandle
FlushFileBuffers

Sections

.text
Size: 250KB - Virtual size: 249KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yijipak
Size: 512B - Virtual size: 5B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vut
Size: 512B - Virtual size: 234B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dug
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

958cdf01649e018078485a04b916d901

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Sections

.text Size: 250KB - Virtual size: 249KB

.data Size: 6KB - Virtual size: 1.1MB

.yijipak Size: 512B - Virtual size: 5B

.vut Size: 512B - Virtual size: 234B

.dug Size: 3KB - Virtual size: 3KB

.rsrc Size: 31KB - Virtual size: 30KB

.reloc Size: 17KB - Virtual size: 17KB

.text
Size: 250KB - Virtual size: 249KB

.data
Size: 6KB - Virtual size: 1.1MB

.yijipak
Size: 512B - Virtual size: 5B

.vut
Size: 512B - Virtual size: 234B

.dug
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 31KB - Virtual size: 30KB

.reloc
Size: 17KB - Virtual size: 17KB