C:\xiliciloyowe.pdb
Static task
static1
Behavioral task
behavioral1
Sample
2a1ecc36a5ac120dae2bfe076783af5fb5e3b36a652f929e6e13c7bbad4e825b.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
2a1ecc36a5ac120dae2bfe076783af5fb5e3b36a652f929e6e13c7bbad4e825b.exe
Resource
win10v2004-20241007-en
General
Target: JaffaCakes118_50ee3d54b4b9028bf7b30ca565c8773a9251ab6e14534cdf397f14335fb743c7
Size: 123KB
MD5: ac8f00325c5e0fa398e223902b514b82
SHA1: 64ce133e5a515c844306cca8a8dfe05d72970204
SHA256: 50ee3d54b4b9028bf7b30ca565c8773a9251ab6e14534cdf397f14335fb743c7
SHA512: ef0572e22777a7c7e732f7dd32a9c6f4c30b0ac474de45cb01ada733d45618b39590b1b2100ad641b8e11787a52a3adddb4f1acd52971a2ca81732ae446e3ece
SSDEEP: 3072:uad4uPu/b1WXl0PT5kHrJN9uY10mDI/T5rvpDehBUkhgAzMz8t:fdh2/5WV0PdkH1u6Jc1rvUlW1z8t
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/2a1ecc36a5ac120dae2bfe076783af5fb5e3b36a652f929e6e13c7bbad4e825b
Files
JaffaCakes118_50ee3d54b4b9028bf7b30ca565c8773a9251ab6e14534cdf397f14335fb743c7.zip
2a1ecc36a5ac120dae2bfe076783af5fb5e3b36a652f929e6e13c7bbad4e825b.exe windows:5 windows x86 arch:x86
f414cbc7badf4ac56a0a88b7505929f7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetLocalTime
InterlockedDecrement
GetLocaleInfoW
InterlockedCompareExchange
_hwrite
SetWaitableTimer
GetSystemDirectoryA
CreateEventA
ReadConsoleA
BuildCommDCBA
GetConsoleAliasExesLengthA
HeapWalk
PeekConsoleInputA
EnumDateFormatsW
CreateFileA
RegisterWaitForSingleObjectEx
LoadLibraryA
VerifyVersionInfoA
WaitNamedPipeW
CreateMutexW
FindResourceExA
VirtualFree
GetFirmwareEnvironmentVariableA
GetModuleFileNameW
BeginUpdateResourceW
WriteConsoleW
EnumCalendarInfoExA
WriteConsoleOutputCharacterW
WriteConsoleA
DeleteFileW
LocalAlloc
GetProcAddress
GetUserDefaultLangID
FindFirstChangeNotificationW
HeapUnlock
GetCalendarInfoW
SetConsoleTitleA
GetBinaryTypeW
GetSystemDefaultLCID
GetCurrentProcess
GetThreadLocale
GetComputerNameExA
FindNextFileA
OpenJobObjectW
HeapValidate
_lclose
FoldStringW
GetComputerNameW
SetFileShortNameA
FillConsoleOutputCharacterW
GetTimeZoneInformation
TlsGetValue
GetCPInfoExW
GetFileAttributesExW
SetCalendarInfoA
SetComputerNameW
GetFileAttributesA
CreateDirectoryExA
DeleteCriticalSection
FindFirstChangeNotificationA
GetVolumePathNameW
SetSystemTime
ReadFile
GetStringTypeA
HeapSize
GetDiskFreeSpaceW
LoadLibraryW
MultiByteToWideChar
GetCommandLineW
HeapSetInformation
GetStartupInfoW
EncodePointer
IsProcessorFeaturePresent
GetLastError
SetFilePointer
EnterCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DecodePointer
TerminateProcess
HeapFree
GetModuleHandleW
ExitProcess
GetCPInfo
InterlockedIncrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapAlloc
CloseHandle
WriteFile
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetStdHandle
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
Sleep
RtlUnwind
LCMapStringW
GetStringTypeW
RaiseException
HeapReAlloc
CreateFileW
user32
ClientToScreen
gdi32
GetBitmapBits
Sections
.text Size: 129KB - Virtual size: 129KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 11KB - Virtual size: 32.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 30KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ