Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_a34160e477cad8457d61f6a99c671914118fa37c2d0ca13ab886c33cbab422a2.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_a34160e477cad8457d61f6a99c671914118fa37c2d0ca13ab886c33cbab422a2.exe
Resource
win10v2004-20241007-en
General
Target
JaffaCakes118_a34160e477cad8457d61f6a99c671914118fa37c2d0ca13ab886c33cbab422a2
Size
4.4MB
MD5
6fb3bce5fa2810d0be73468afd797522
SHA1
6e178d5ce34b2e47a9ee2b6d7550cb4a5241ab6a
SHA256
a34160e477cad8457d61f6a99c671914118fa37c2d0ca13ab886c33cbab422a2
SHA512
cddc004dd56c45d3b1f452c4a8ec116cfd9108ccbe763c8995995da0df0ffddfe8a438192461cd43d7156c2afd1345b20a739812f072944b8f5a5207d9161b22
SSDEEP
98304:Wb0gJ4iKD7Cpl0i+6nHMNU3gnmKJQ9LRKdDPYFj6EqGxS7ZS4pZR:Wp4DD7iBnqUQnpYlEDgFGD3ZR
Malware Config
Signatures
Files
JaffaCakes118_a34160e477cad8457d61f6a99c671914118fa37c2d0ca13ab886c33cbab422a2.exe windows:5 windows x86 arch:x86
a2b61ec335a437915fc26e9e5178da86
Code Sign
9e:51:f9:06:1b:ac:51:bd:28:50:94:2a:23:01:76:34
Certificate
Issuer
POSTALCODE=10051
Not Before
06-09-2021 22:20
Not After
06-09-2022 22:20
Subject
POSTALCODE=10051
5a:b3:ef:fd:55:d3:de:59:18:e0:e5:c2:a8:a9:ed:d5:5f:68:dc:9d:ee:80:bd:50:71:a8:2e:0b:14:88:ac:e4
Signer
Actual PE Digest
5a:b3:ef:fd:55:d3:de:59:18:e0:e5:c2:a8:a9:ed:d5:5f:68:dc:9d:ee:80:bd:50:71:a8:2e:0b:14:88:ac:e4
Digest Algorithm
sha256
PE Digest Matches
true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
C:\mubagexi87-duhanuj\xixuripeca.pdb
Imports
kernel32
FileTimeToDosDateTime
GetNativeSystemInfo
lstrlenA
CopyFileExW
GetStringTypeA
GetCPInfo
InterlockedIncrement
GetQueuedCompletionStatus
ReadConsoleA
CompareFileTime
GlobalLock
GetModuleHandleW
GetCurrentThread
GetSystemTimeAsFileTime
WriteFile
SetCommState
GetCommandLineA
GlobalAlloc
GetPrivateProfileIntA
LoadLibraryW
CopyFileW
GetSystemWindowsDirectoryA
GetConsoleAliasExesLengthW
GetVersionExW
GlobalFlags
TerminateProcess
SetThreadPriority
GetStartupInfoW
GetNamedPipeHandleStateW
LCMapStringA
GetPrivateProfileIntW
CreateDirectoryA
InterlockedExchange
GetStartupInfoA
SetThreadLocale
GetLastError
GetProcAddress
SearchPathA
GetPrivateProfileStringA
OpenWaitableTimerA
LoadLibraryA
Process32FirstW
GetFileType
SetCurrentDirectoryW
SetThreadIdealProcessor
HeapWalk
FindAtomA
SetEnvironmentVariableA
QueryMemoryResourceNotification
FreeEnvironmentStringsW
EnumResourceNamesA
GetCPInfoExA
TlsAlloc
FindAtomW
ReadConsoleOutputCharacterW
GetSystemTime
GetProfileSectionW
DeleteFileA
CreateFileA
InterlockedDecrement
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleFileNameW
HeapValidate
IsBadReadPtr
RaiseException
RtlUnwind
GetCurrentProcess
IsDebuggerPresent
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsSetValue
GetCurrentThreadId
TlsFree
SetLastError
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
ExitProcess
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStdHandle
HeapDestroy
HeapCreate
HeapFree
VirtualFree
GetModuleFileNameA
FlushFileBuffers
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
DebugBreak
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
InitializeCriticalSectionAndSpinCount
LCMapStringW
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
SetFilePointer
CloseHandle
user32
GetComboBoxInfo
msimg32
TransparentBlt
Sections
.text Size: 116KB - Virtual size: 115KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 35KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4.2MB - Virtual size: 43.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 26KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ