JaffaCakes118_4cf9da9215e2027a3cfc21491b44c75b469d75a74941fe8c2f3e43ce1c91d0df

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_4cf9da9215e2027a3cfc21491b44c75b469d75a74941fe8c2f3e43ce1c91d0df
Size

315KB
MD5

e0b4e6f9450122319cc01978d3639e83
SHA1

aba9a8fca5e86afbde8215f2ae2c51fae913c149
SHA256

4cf9da9215e2027a3cfc21491b44c75b469d75a74941fe8c2f3e43ce1c91d0df
SHA512

c8064816a580626a74cd12da0028d8b9c7640a2bebe53d2995fbe75f3b49dc7ddf1599d4f049cadae0596ed0a044ab96735db397b1deddb861b48e0ad2bc4355
SSDEEP

3072:zchCKOmpAL2s8t5dKQY4dJh1tGbLl0k284e2BxWH8IL+ntGCMjjjjjjjjo:IkIAL2s8924DtG90k2DLDA8ltGCM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_4cf9da9215e2027a3cfc21491b44c75b469d75a74941fe8c2f3e43ce1c91d0df

Files

JaffaCakes118_4cf9da9215e2027a3cfc21491b44c75b469d75a74941fe8c2f3e43ce1c91d0df
.exe windows:5 windows x86 arch:x86

339847cc841cb316de6dc98f28f10c65

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
CreateMutexW
HeapCompact
lstrlenA
GetLocaleInfoA
AllocConsole
CommConfigDialogA
HeapAlloc
ReadConsoleOutputAttribute
WaitForSingleObject
InterlockedCompareExchange
GetModuleHandleW
GetTickCount
GenerateConsoleCtrlEvent
GetConsoleTitleA
ReadConsoleW
CreateActCtxW
ActivateActCtx
ReadConsoleInputA
FreeConsole
GetFileAttributesA
GetVolumePathNamesForVolumeNameW
GetGeoInfoA
ReadFile
GetModuleFileNameW
CreateMailslotW
SetConsoleTitleA
SetTapePosition
LCMapStringA
ReleaseActCtx
VirtualAlloc
HeapUnlock
ResetEvent
LoadLibraryA
LocalAlloc
SetConsoleCtrlHandler
BeginUpdateResourceA
HeapLock
SetConsoleWindowInfo
GetTapeParameters
GetModuleHandleA
CreateMutexA
GetPrivateProfileSectionA
CloseHandle
WriteProcessMemory
WriteConsoleW
GetConsoleOutputCP
InterlockedIncrement
InterlockedDecrement
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoW
RtlUnwind
RaiseException
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetCPInfo
HeapCreate
VirtualFree
HeapReAlloc
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetFilePointer
ExitProcess
WriteFile
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeA
GetStringTypeW
InitializeCriticalSectionAndSpinCount
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
WriteConsoleA

user32

GetAltTabInfoW

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 156KB - Virtual size: 66.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lexidit
Size: 512B - Virtual size: 23B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zavaku
Size: 512B - Virtual size: 6B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

339847cc841cb316de6dc98f28f10c65

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 61KB - Virtual size: 61KB

.data Size: 156KB - Virtual size: 66.6MB

.lexidit Size: 512B - Virtual size: 23B

.zavaku Size: 512B - Virtual size: 6B

.rsrc Size: 54KB - Virtual size: 54KB

.reloc Size: 41KB - Virtual size: 41KB

.text
Size: 61KB - Virtual size: 61KB

.data
Size: 156KB - Virtual size: 66.6MB

.lexidit
Size: 512B - Virtual size: 23B

.zavaku
Size: 512B - Virtual size: 6B

.rsrc
Size: 54KB - Virtual size: 54KB

.reloc
Size: 41KB - Virtual size: 41KB