JaffaCakes118_b94d0e8435e9f0dadb6f683f7eaf08ef0917aabd80ab0c5ae38296921bc6d566

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_b94d0e8435e9f0dadb6f683f7eaf08ef0917aabd80ab0c5ae38296921bc6d566
Size

300KB
MD5

4189f2a27dfdbdc0424f4b04964a1cb1
SHA1

276ccfa3cef69d41b4ae7dfca5ca170a90d5032a
SHA256

b94d0e8435e9f0dadb6f683f7eaf08ef0917aabd80ab0c5ae38296921bc6d566
SHA512

55fd82b856ffcf1c0c1febeda8ce04ae4893a84d8a0bfb617fca3fdd1090f667f43aeb569857913e7a0e1388b769dd77006926a6469c23f9b339f06a7d705355
SSDEEP

6144:+X5T4tWtxqDstWhZxQxHdEXhG904J6KkE:+X5UtWCDstWhfQNdKhV40Kk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_b94d0e8435e9f0dadb6f683f7eaf08ef0917aabd80ab0c5ae38296921bc6d566

Files

JaffaCakes118_b94d0e8435e9f0dadb6f683f7eaf08ef0917aabd80ab0c5ae38296921bc6d566
.exe windows:5 windows x86 arch:x86

440ffbeafea6e418d63b29de6dc6f0e5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\wefe91_wir cedizipemizo_xip\mopu21\siyaro.pdb

Imports

kernel32

CallNamedPipeA
TerminateThread
GetExitCodeProcess
GetVersionExA
GetConsoleCP
GetConsoleAliasesLengthW
CommConfigDialogA
FindFirstFileExA
GetDriveTypeA
FreeEnvironmentStringsA
GetProcessPriorityBoost
SetVolumeMountPointA
GetLongPathNameA
CopyFileW
TlsSetValue
SetConsoleCursorInfo
GlobalHandle
TzSpecificLocalTimeToSystemTime
FindAtomA
ReleaseSemaphore
GetNamedPipeHandleStateA
CreateMailslotW
BuildCommDCBAndTimeoutsA
VirtualProtect
GetModuleHandleA
LocalAlloc
TryEnterCriticalSection
GetCommandLineA
InterlockedExchange
GetCalendarInfoA
DeleteFileA
CreateActCtxA
CreateRemoteThread
CreateThread
GetPriorityClass
WritePrivateProfileStringW
GetProcessHeaps
GetProcessHeap
GlobalUnWire
ReadConsoleOutputCharacterW
GetStartupInfoA
GetDiskFreeSpaceExA
GetCPInfoExA
GetWindowsDirectoryA
GetSystemWow64DirectoryW
GetProfileStringA
WriteProfileSectionW
GetProfileStringW
GetLastError
GetStringTypeExA
DebugBreak
GetPrivateProfileSectionA
lstrcmpW
ReadFile
GetConsoleMode
GetThreadSelectorEntry
lstrcatA
CreateActCtxW
SetMailslotInfo
GetSystemTimeAdjustment
DefineDosDeviceW
EndUpdateResourceW
WriteConsoleA
GetPrivateProfileStructW
HeapLock
DisableThreadLibraryCalls
PeekConsoleInputW
GetTapeStatus
TransmitCommChar
WaitNamedPipeW
FindResourceExA
GetLocalTime
GetOverlappedResult
CreateSemaphoreW
SetThreadLocale
SetFileShortNameA
lstrcpyW
VerLanguageNameW
LockFile
SetConsoleCP
GetConsoleAliasA
EnumDateFormatsW
ResetWriteWatch
GetNumberOfConsoleInputEvents
WriteConsoleOutputCharacterA
GetConsoleAliasExesLengthW
GetComputerNameW
HeapFree
LocalReAlloc
SetCommMask
SetEndOfFile
FindClose
PostQueuedCompletionStatus
AreFileApisANSI
SetWaitableTimer
EnumResourceNamesW
GetProcessTimes
FatalAppExitW
lstrcpynW
GetNamedPipeInfo
FillConsoleOutputCharacterW
GetCompressedFileSizeA
FindNextVolumeMountPointA
GetFullPathNameW
WriteProfileStringW
SetHandleCount
GlobalAddAtomA
TerminateJobObject
QueryDosDeviceW
InitializeCriticalSection
Process32FirstW
SetCurrentDirectoryA
GetBinaryTypeW
OpenMutexA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
MoveFileA
RaiseException
GetStartupInfoW
HeapValidate
IsBadReadPtr
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
GetModuleFileNameW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleW
Sleep
InterlockedIncrement
InterlockedDecrement
GetProcAddress
ExitProcess
GetModuleFileNameA
WriteFile
GetStdHandle
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
TlsGetValue
TlsAlloc
TlsFree
SetLastError
HeapDestroy
HeapCreate
VirtualFree
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
SetFilePointer
WideCharToMultiByte
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
LoadLibraryW
MultiByteToWideChar
RtlUnwind
InitializeCriticalSectionAndSpinCount
LoadLibraryA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
GetConsoleOutputCP
FlushFileBuffers
CreateFileA
CloseHandle

Sections

.text
Size: 237KB - Virtual size: 237KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tehumiz
Size: 512B - Virtual size: 5B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hixuk
Size: 512B - Virtual size: 75B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xace
Size: 512B - Virtual size: 234B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jeleyu
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

440ffbeafea6e418d63b29de6dc6f0e5

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Sections

.text Size: 237KB - Virtual size: 237KB

.data Size: 5KB - Virtual size: 72KB

.tehumiz Size: 512B - Virtual size: 5B

.hixuk Size: 512B - Virtual size: 75B

.xace Size: 512B - Virtual size: 234B

.jeleyu Size: 3KB - Virtual size: 3KB

.rsrc Size: 36KB - Virtual size: 36KB

.reloc Size: 15KB - Virtual size: 14KB

.text
Size: 237KB - Virtual size: 237KB

.data
Size: 5KB - Virtual size: 72KB

.tehumiz
Size: 512B - Virtual size: 5B

.hixuk
Size: 512B - Virtual size: 75B

.xace
Size: 512B - Virtual size: 234B

.jeleyu
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 36KB - Virtual size: 36KB

.reloc
Size: 15KB - Virtual size: 14KB