JaffaCakes118_7cf2b484f08770092a1ad648e8239e358db8a96f4d42d3d9ed14fca384591794

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_7cf2b484f08770092a1ad648e8239e358db8a96f4d42d3d9ed14fca384591794
Size

767KB
MD5

80a5d8f634257cbfeb6ce7c8bcdd4bac
SHA1

c2673b315213ce1dd9b1ace0cb27e185b7ea3e11
SHA256

7cf2b484f08770092a1ad648e8239e358db8a96f4d42d3d9ed14fca384591794
SHA512

247a99cc29122e2e12b0fc0669b10bbb2860db0ca0e1f70c33384e6135a4835eb287a3b8aa039a8027810de174768d21b942a5a88f60fbe7768f0a380dafa697
SSDEEP

12288:DkQBhhuIw/VJM0Kkt2w0ILHrIGfHkV5bOfNsRlojub6w:4kEjuXkvL8GfETOiRlo6b6w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_7cf2b484f08770092a1ad648e8239e358db8a96f4d42d3d9ed14fca384591794

Files

JaffaCakes118_7cf2b484f08770092a1ad648e8239e358db8a96f4d42d3d9ed14fca384591794
.exe windows:5 windows x86 arch:x86

730ddcd509972dad6242290a5ee7bcfc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\sazaxababexug-hezulul74\sovapocip\razifogusose\pose.pdb

Imports

kernel32

InitializeSListHead
GetModuleHandleW
GetConsoleAliasesA
InitializeCriticalSection
LoadLibraryW
LeaveCriticalSection
lstrcpynW
WriteConsoleW
GetModuleFileNameW
ReleaseActCtx
GetLastError
GetProcAddress
GetLongPathNameA
SetMailslotInfo
MoveFileW
WriteProfileSectionA
SetFileAttributesA
WriteConsoleA
GetProcessWorkingSetSize
IsWow64Process
GetModuleFileNameA
EnumDateFormatsA
CreateIoCompletionPort
GetConsoleTitleW
VirtualProtect
GetShortPathNameW
GetFileInformationByHandle
FreeLibrary
InterlockedIncrement
InterlockedDecrement
Sleep
DeleteCriticalSection
EnterCriticalSection
EncodePointer
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapFree
RtlUnwind
HeapAlloc
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
HeapSize
ExitProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
RaiseException
WriteFile
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeW
MultiByteToWideChar
GetConsoleCP
GetConsoleMode
HeapReAlloc
SetStdHandle
LCMapStringW
FlushFileBuffers
CreateFileW
CloseHandle

advapi32

ClearEventLogA

Sections

.text
Size: 707KB - Virtual size: 706KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

730ddcd509972dad6242290a5ee7bcfc

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

Sections

.text Size: 707KB - Virtual size: 706KB

.data Size: 26KB - Virtual size: 59KB

.rsrc Size: 25KB - Virtual size: 24KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 707KB - Virtual size: 706KB

.data
Size: 26KB - Virtual size: 59KB

.rsrc
Size: 25KB - Virtual size: 24KB

.reloc
Size: 8KB - Virtual size: 7KB