C:\poji-nomakoyocek65.pdb
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_6390fa58f057c07b623dcfe73a9cf1d79a327e486351aee910d1aa5bd058bfe7.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
JaffaCakes118_6390fa58f057c07b623dcfe73a9cf1d79a327e486351aee910d1aa5bd058bfe7.exe
Resource
win10v2004-20241007-en
General
Target
JaffaCakes118_6390fa58f057c07b623dcfe73a9cf1d79a327e486351aee910d1aa5bd058bfe7
Size
833KB
MD5
879fe8251f7e362c8b786a1a1d03586c
SHA1
2dc5de3cee375f4630e4d70ee371523e93c36f01
SHA256
6390fa58f057c07b623dcfe73a9cf1d79a327e486351aee910d1aa5bd058bfe7
SHA512
fc46f174dcde80fe8a4341c778e6dd2d2b7c32cdf8a3cfedc24b88b63dd8ee36d89cae9986d02980ce55c68fa3f282a86d093825ca5fa20bb1879eacadbac70e
SSDEEP
24576:a4OqOuOCUS9cCh+goT9zxRA0EtQflzp9FEitw:aYUe3UgoT9PAbE79FEd
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_6390fa58f057c07b623dcfe73a9cf1d79a327e486351aee910d1aa5bd058bfe7
Files
JaffaCakes118_6390fa58f057c07b623dcfe73a9cf1d79a327e486351aee910d1aa5bd058bfe7.exe windows:5 windows x86 arch:x86
0780a1f529c5eede8a87f1dd92af2170
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetConsoleAliasesLengthW
WriteConsoleOutputCharacterA
SetMailslotInfo
LocalFlags
GetConsoleTitleA
LoadLibraryW
InterlockedPopEntrySList
LeaveCriticalSection
WriteConsoleW
GetModuleFileNameW
lstrlenW
GetShortPathNameA
CreateDirectoryA
GetConsoleAliasesW
GetStdHandle
GetCPInfoExW
GetLastError
UnregisterWait
WriteProfileSectionA
LoadLibraryA
LocalAlloc
SetCalendarInfoW
MoveFileA
SetProcessWorkingSetSize
SetConsoleWindowInfo
GetModuleFileNameA
GetModuleHandleA
FindFirstChangeNotificationA
FreeEnvironmentStringsW
VirtualProtect
GetFileAttributesExW
FillConsoleOutputCharacterA
HeapSize
GetCommandLineW
HeapSetInformation
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
TerminateProcess
GetCurrentProcess
HeapAlloc
HeapFree
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
CloseHandle
CreateFileA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
IsProcessorFeaturePresent
HeapReAlloc
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetStdHandle
SetFilePointer
SetEndOfFile
GetProcessHeap
MultiByteToWideChar
ReadFile
LCMapStringW
GetStringTypeW
CreateFileW
winhttp
WinHttpCloseHandle
Sections
.text Size: 680KB - Virtual size: 679KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 295KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 120KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ