JaffaCakes118_17687f6b5a69cbaa84309f9ced25b3731c9fd6f4704abf9291877e6c5e57e899

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_17687f6b5a69cbaa84309f9ced25b3731c9fd6f4704abf9291877e6c5e57e899
Size

159KB
MD5

7272673adb381a42bf168133972442a5
SHA1

d6eaf59359ea2d1bb61877d077c9f9c97422759c
SHA256

17687f6b5a69cbaa84309f9ced25b3731c9fd6f4704abf9291877e6c5e57e899
SHA512

72eee2da5918a2fe52dc72f9a76730379c2fc85d0694ad25efadc588dd7b64f3e7ba8229cd9e78ecfadf5d331a274409b370399afe135aa2d3bf469faf40d6d5
SSDEEP

3072:IK7tyStkBJQXJAkcFjwNMhKNa7hHXSdmrFgotXEwKHbKOOlLlm:IWtkBJQXBco7+INaUHb8l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_17687f6b5a69cbaa84309f9ced25b3731c9fd6f4704abf9291877e6c5e57e899

Files

JaffaCakes118_17687f6b5a69cbaa84309f9ced25b3731c9fd6f4704abf9291877e6c5e57e899
.exe windows:5 windows x86 arch:x86

c39584a6d5b06ad20d7f503d89ab7e62

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\tejes.pdb

Imports

kernel32

LoadResource
GlobalAddAtomA
GetEnvironmentStringsW
WaitForSingleObject
CreateHardLinkA
GetConsoleAliasesA
GetConsoleAliasesLengthA
GetSystemTimeAsFileTime
CancelDeviceWakeupRequest
EnumResourceTypesA
GetFirmwareEnvironmentVariableA
InitializeCriticalSectionAndSpinCount
ReadFileScatter
InitAtomTable
SetConsoleCP
GetFileAttributesA
HeapCompact
GetAtomNameW
FlushFileBuffers
SetLastError
GetProcAddress
VirtualAlloc
LoadLibraryA
LocalAlloc
WaitForMultipleObjects
GetDefaultCommConfigA
GetConsoleTitleW
EnumDateFormatsW
CloseHandle
DeleteAtom
CheckRemoteDebuggerPresent
EnumCalendarInfoExA
LCMapStringW
SetConsoleCursorPosition
GetSystemDefaultLangID
CreateFileW
HeapAlloc
EncodePointer
DecodePointer
GetCommandLineW
HeapSetInformation
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
GetLastError
HeapFree
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
HeapCreate
Sleep
HeapSize
SetHandleCount
GetFileType
DeleteCriticalSection
SetFilePointer
EnterCriticalSection
LeaveCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
FreeEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryW
HeapReAlloc
RtlUnwind
SetStdHandle
WriteConsoleW
MultiByteToWideChar
GetStringTypeW
IsProcessorFeaturePresent

user32

SetCaretPos

advapi32

CloseEventLog

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c39584a6d5b06ad20d7f503d89ab7e62

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

Sections

.text Size: 89KB - Virtual size: 88KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 5KB - Virtual size: 23KB

.rsrc Size: 32KB - Virtual size: 32KB

.text
Size: 89KB - Virtual size: 88KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 5KB - Virtual size: 23KB

.rsrc
Size: 32KB - Virtual size: 32KB