JaffaCakes118_24feb572bcd9dd438d27a8599dc9fd80d502bb784724d3895e5717b9f107549c

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_24feb572bcd9dd438d27a8599dc9fd80d502bb784724d3895e5717b9f107549c
Size

353KB
MD5

faca330f7f301365c3012fe0d2e79256
SHA1

c4959a1046ba4f24e5ef94f3ebdd68485e2dc8b7
SHA256

24feb572bcd9dd438d27a8599dc9fd80d502bb784724d3895e5717b9f107549c
SHA512

35fc60fa1259d56c1e153d93aa8d6133359eb1bb4fa907df6035c5e62b2d1c175f67e8b0b3be63beeb3f0d219846dc8eb1e8227304a38e0657807eabfbcbc71a
SSDEEP

6144:otu6/31AC1iH9KkBZIdUzy3OhJmRcYFRIXPaGmaMFXEEf:otu2FuKk8EJ1MRqPaGm9H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_24feb572bcd9dd438d27a8599dc9fd80d502bb784724d3895e5717b9f107549c

Files

JaffaCakes118_24feb572bcd9dd438d27a8599dc9fd80d502bb784724d3895e5717b9f107549c
.exe windows:5 windows x86 arch:x86

a11c9499d7d7700d41e1c4985c1ebc65

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\jog98\seluhuvikayob\zukugidud_luvixomuwahan\ramikasa.pdb

Imports

kernel32

GetExitCodeProcess
GetVersionExA
GetConsoleCP
GetConsoleAliasesLengthA
CommConfigDialogA
FindFirstFileExW
GetDriveTypeA
FreeEnvironmentStringsA
GetProcessPriorityBoost
SetVolumeMountPointA
GetLongPathNameA
CopyFileW
TlsSetValue
SetConsoleCursorInfo
LocalHandle
TzSpecificLocalTimeToSystemTime
FindAtomW
ReleaseSemaphore
GetNamedPipeHandleStateA
SetThreadPriorityBoost
BuildCommDCBAndTimeoutsW
GetProcAddress
GetModuleHandleA
LocalAlloc
LocalReAlloc
GetCommandLineA
InterlockedExchange
GetCalendarInfoW
DeleteFileA
CreateActCtxA
SetPriorityClass
GetProcessHeap
GlobalUnWire
ReadConsoleOutputCharacterA
GetStartupInfoA
GetDiskFreeSpaceExA
GetCPInfoExA
GetWindowsDirectoryA
GetSystemWow64DirectoryW
GetLastError
GetProfileStringW
WriteProfileSectionW
GetProfileStringA
SetLastError
GetStringTypeExA
DebugBreak
GetPrivateProfileSectionW
lstrcmpW
ReadFile
GetConsoleMode
GetThreadSelectorEntry
lstrcatW
CreateActCtxW
SetMailslotInfo
TerminateThread
DefineDosDeviceW
EndUpdateResourceW
WriteConsoleA
GetPrivateProfileStructW
TryEnterCriticalSection
HeapLock
PeekConsoleInputW
GetTapeStatus
CreateSemaphoreW
FindResourceExW
GetLocalTime
CreateSemaphoreA
GetOverlappedResult
SetThreadLocale
SetFileShortNameA
lstrcpyA
VerLanguageNameW
UnlockFile
GetConsoleAliasW
GetConsoleAliasExesLengthW
EnumDateFormatsW
RequestDeviceWakeup
ResetWriteWatch
GetNumberOfConsoleInputEvents
TlsGetValue
GetComputerNameW
HeapFree
SetCommMask
SetEndOfFile
FindClose
PostQueuedCompletionStatus
AreFileApisANSI
SetWaitableTimer
EnumResourceNamesW
GetProcessTimes
GetConsoleAliasesLengthW
FatalAppExitA
lstrcpynW
GetNamedPipeInfo
FillConsoleOutputCharacterA
GetCompressedFileSizeW
FindNextVolumeMountPointW
GetFullPathNameW
WriteProfileStringA
SetHandleCount
GlobalAddAtomW
TerminateJobObject
QueryDosDeviceW
InitializeCriticalSection
Process32NextW
SetCurrentDirectoryW
GetBinaryTypeW
OpenMutexA
SetSystemTimeAdjustment
CallNamedPipeW
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
MultiByteToWideChar
InterlockedCompareExchange
Sleep
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RaiseException
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
MoveFileA
GetStartupInfoW
LCMapStringA
LCMapStringW
GetCPInfo
HeapValidate
IsBadReadPtr
GetStringTypeW
GetModuleHandleW
TlsAlloc
GetCurrentThreadId
TlsFree
GetStdHandle
WriteFile
OutputDebugStringA
WriteConsoleW
GetFileType
OutputDebugStringW
ExitProcess
LoadLibraryW
GetModuleFileNameA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
HeapDestroy
HeapCreate
VirtualFree
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
FlushFileBuffers
SetFilePointer
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetLocaleInfoW
SetStdHandle
GetConsoleOutputCP
CloseHandle
CreateFileA

advapi32

AbortSystemShutdownW

Sections

.text
Size: 272KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nob
Size: 512B - Virtual size: 5B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zev
Size: 512B - Virtual size: 75B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nodes
Size: 512B - Virtual size: 234B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rahibad
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a11c9499d7d7700d41e1c4985c1ebc65

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

Sections

.text Size: 272KB - Virtual size: 271KB

.data Size: 35KB - Virtual size: 102KB

.nob Size: 512B - Virtual size: 5B

.zev Size: 512B - Virtual size: 75B

.nodes Size: 512B - Virtual size: 234B

.rahibad Size: 3KB - Virtual size: 3KB

.rsrc Size: 24KB - Virtual size: 24KB

.reloc Size: 16KB - Virtual size: 15KB

.text
Size: 272KB - Virtual size: 271KB

.data
Size: 35KB - Virtual size: 102KB

.nob
Size: 512B - Virtual size: 5B

.zev
Size: 512B - Virtual size: 75B

.nodes
Size: 512B - Virtual size: 234B

.rahibad
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 24KB - Virtual size: 24KB

.reloc
Size: 16KB - Virtual size: 15KB