JaffaCakes118_6410516374510abd1fc9d51d7eb89a1dfa9380780021c29a77e14b14d2a07a62

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_6410516374510abd1fc9d51d7eb89a1dfa9380780021c29a77e14b14d2a07a62
Size

796KB
MD5

5c012a04011979931c493a83cddd79a7
SHA1

b4a1c8004b82ed78f39b53f4730a6df0270cb66a
SHA256

6410516374510abd1fc9d51d7eb89a1dfa9380780021c29a77e14b14d2a07a62
SHA512

b06673f8bd85acc8219cb2a21017dd8942c17395f45568478440e30a2608fa0d674e53a05fe17c36d2407024f259af715896cce892280e179ff66516fc2e563b
SSDEEP

12288:A/qN1D415uvnCgBr65HwvbfhYuRAPIMj67fMJS5/0spyEtFbysWlw:ZzwcCgh6mY6/JUJyttFmsWlw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6410516374510abd1fc9d51d7eb89a1dfa9380780021c29a77e14b14d2a07a62

Files

JaffaCakes118_6410516374510abd1fc9d51d7eb89a1dfa9380780021c29a77e14b14d2a07a62
.exe windows:5 windows x86 arch:x86

102925d1127f9c0032b267954e8e052b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\vigoy\cesovesenobiw.pdb

Imports

kernel32

GetNamedPipeHandleStateW
CreateIoCompletionPort
FillConsoleOutputCharacterW
SetThreadAffinityMask
GetExitCodeProcess
GetCurrentProcessId
GetVersionExA
EnumDateFormatsExW
FindNextFileW
CopyFileExA
BuildCommDCBAndTimeoutsW
DebugSetProcessKillOnExit
WriteProfileStringW
WritePrivateProfileStructA
FindFirstChangeNotificationA
MapViewOfFileEx
CreateTimerQueue
FindNextVolumeMountPointA
SetVolumeMountPointW
GetWriteWatch
ReadConsoleInputA
SetComputerNameExW
SystemTimeToTzSpecificLocalTime
GetSystemDirectoryA
GetDriveTypeW
BuildCommDCBAndTimeoutsA
LoadLibraryA
GlobalAlloc
VerifyVersionInfoW
GetBinaryTypeA
ReleaseActCtx
InterlockedExchangeAdd
InterlockedDecrement
FormatMessageW
SetDllDirectoryA
GetNamedPipeHandleStateA
WritePrivateProfileStringA
GetConsoleAliasesLengthW
GetProcessHeaps
OpenWaitableTimerW
UnlockFile
InterlockedIncrement
GetStartupInfoW
GetSystemWow64DirectoryW
SetLastError
GetConsoleAliasExesW
ContinueDebugEvent
EndUpdateResourceA
GetLastError
GetSystemTime
TerminateProcess
FlushConsoleInputBuffer
SetDefaultCommConfigW
VirtualFree
GlobalUnfix
GetSystemWindowsDirectoryA
CopyFileA
TerminateThread
EnterCriticalSection
FindAtomA
HeapUnlock
GetMailslotInfo
CreateActCtxA
GetConsoleAliasW
_lwrite
CreateNamedPipeA
InterlockedExchange
SetSystemTimeAdjustment
DefineDosDeviceW
GetAtomNameA
SetConsoleScreenBufferSize
EnumResourceTypesA
lstrlenA
LoadLibraryW
MoveFileA
WriteConsoleA
VirtualProtect
GetModuleHandleW
ReadConsoleOutputW
GetThreadContext
BuildCommDCBW
AddRefActCtx
WritePrivateProfileStringW
GetFileAttributesW
CopyFileW
GetVolumePathNameW
GetCommMask
CloseHandle
EnumDateFormatsExA
FindActCtxSectionStringA
GetNamedPipeInfo
AttachConsole
GlobalGetAtomNameW
SetComputerNameA
GetConsoleAliasesW
WriteConsoleInputW
CreateMailslotW
SetLocalTime
EnumSystemLocalesA
CallNamedPipeA
GetConsoleAliasExesLengthW
FindActCtxSectionStringW
GetPrivateProfileIntW
GetModuleHandleExW
GetStringTypeA
GetTickCount
OpenWaitableTimerA
GlobalWire
FillConsoleOutputCharacterA
GetCompressedFileSizeW
SetThreadPriority
MapUserPhysicalPages
WriteConsoleOutputCharacterA
EnumDateFormatsA
TerminateJobObject
CreateFileW
GetDateFormatA
GetOEMCP
FindNextVolumeA
Sleep
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
RaiseException
RtlUnwind
WideCharToMultiByte
HeapValidate
IsBadReadPtr
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleFileNameW
GetCurrentProcess
IsDebuggerPresent
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
TlsFree
GetACP
GetCPInfo
IsValidCodePage
SetStdHandle
GetFileType
WriteFile
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStdHandle
GetStartupInfoA
QueryPerformanceCounter
GetSystemTimeAsFileTime
ExitProcess
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
HeapDestroy
HeapCreate
HeapFree
GetModuleFileNameA
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
FlushFileBuffers
DebugBreak
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
GetStringTypeW
GetLocaleInfoA
LCMapStringA
LCMapStringW
GetConsoleOutputCP
SetFilePointer
CreateFileA
ReadFile

advapi32

ImpersonateSelf

Sections

.text
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 586KB - Virtual size: 838KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

102925d1127f9c0032b267954e8e052b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

Sections

.text Size: 171KB - Virtual size: 171KB

.data Size: 586KB - Virtual size: 838KB

.rsrc Size: 37KB - Virtual size: 36KB

.text
Size: 171KB - Virtual size: 171KB

.data
Size: 586KB - Virtual size: 838KB

.rsrc
Size: 37KB - Virtual size: 36KB