C:\mefavime_8_wefosifi\totosilazataci.pdb
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_c36559f9424c28f367b41b6a184a47e6c5a0944222299533ab727fdd0a30e84f.exe
Resource
win7-20241010-en
General
Target
JaffaCakes118_c36559f9424c28f367b41b6a184a47e6c5a0944222299533ab727fdd0a30e84f
Size
676KB
MD5
d8fc28bf3cb175f1ea8bf892d0844f82
SHA1
59eed5e2ae2b4fc22227d4d36dba742491465111
SHA256
c36559f9424c28f367b41b6a184a47e6c5a0944222299533ab727fdd0a30e84f
SHA512
f224a35799d34bdcf071b84b91c37d67f8b133c927817cbdf1f6aec11eeec9df4e936973be38ed045a7c200c59084bdfbbe5c518bf32eff5ce40bdd705749b03
SSDEEP
12288:9qoIP+2ZbknRRI0Jk33Jxl2W4SMydNfunnwQ7G2:01LZb2RjeHosMBwZ2
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_c36559f9424c28f367b41b6a184a47e6c5a0944222299533ab727fdd0a30e84f
Files
JaffaCakes118_c36559f9424c28f367b41b6a184a47e6c5a0944222299533ab727fdd0a30e84f.exe windows:5 windows x86 arch:x86
48cfe16a49c9dcec905547ba5c78e3fd
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
LocalFlags
GetConsoleTitleA
LoadLibraryW
InterlockedPopEntrySList
LeaveCriticalSection
WriteConsoleW
GetModuleFileNameW
lstrlenW
GetShortPathNameA
CreateDirectoryA
GetConsoleAliasesW
GetStdHandle
GetCPInfoExW
FillConsoleOutputCharacterW
SetLastError
SetMailslotInfo
WriteProfileSectionA
LoadLibraryA
LocalAlloc
SetCalendarInfoW
MoveFileA
SetProcessWorkingSetSize
SetConsoleWindowInfo
GetModuleFileNameA
GetModuleHandleA
FindFirstChangeNotificationA
FreeEnvironmentStringsW
VirtualProtect
GetFileAttributesExW
GetConsoleAliasesLengthW
WriteConsoleOutputCharacterA
UnregisterWait
SetStdHandle
CloseHandle
GetCommandLineW
HeapSetInformation
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
TerminateProcess
GetCurrentProcess
HeapAlloc
GetLastError
HeapFree
EnterCriticalSection
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
Sleep
WideCharToMultiByte
RtlUnwind
IsProcessorFeaturePresent
LCMapStringW
MultiByteToWideChar
GetStringTypeW
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
HeapSize
CreateFileW
gdi32
GetTextExtentExPointA
winhttp
WinHttpCloseHandle
Sections
.text Size: 525KB - Virtual size: 524KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 288KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tuhali Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bofo Size: 1024B - Virtual size: 624B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.nuxe Size: 512B - Virtual size: 23B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.sopa Size: 1024B - Virtual size: 963B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 120KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ