JaffaCakes118_ea8b566f1f82954875d06ee8000ed659d60dba9f3b77dbc61ee45366df5c1ab4

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_ea8b566f1f82954875d06ee8000ed659d60dba9f3b77dbc61ee45366df5c1ab4
Size

4.3MB
MD5

5da382bb2a1921de30fd09163e676bc4
SHA1

0fea6283a5ee24b7306d4d59948468cd1a843ad1
SHA256

ea8b566f1f82954875d06ee8000ed659d60dba9f3b77dbc61ee45366df5c1ab4
SHA512

b4fdf5f260efe1aa2361c24b453509ac0a43cd63a39695e6b01bf36037951ed059074fe692b8d45e125820fb530e6107afb40ea07b4eeda0c5e4c2020ecb95fe
SSDEEP

98304:VoicngBPj6WHyW6q07DDcsHdVr/W8EpE3Ft03qqBAAKI2W36:8ohecsHHzgiuacnKI2n

Score

1^/10

Malware Config

Signatures

Files

JaffaCakes118_ea8b566f1f82954875d06ee8000ed659d60dba9f3b77dbc61ee45366df5c1ab4
.exe windows:5 windows x86 arch:x86

01859e92eb5f1c78492a636dc46035c7

Code Sign

31:ce:70:dc:81:be:46:c6:e6:00:a2:72:81:4b:dc:60
Certificate

Issuer

POSTALCODE=10305

Not Before

18-11-2021 20:26

Not After

18-11-2022 20:26

Subject

POSTALCODE=10305

10:fd:90:f2:cc:93:6c:61:f7:10:2d:52:ea:ee:18:be:f3:54:8a:da:7e:25:70:5e:e0:83:b8:78:7e:bd:73:98
Signer

Actual PE Digest

10:fd:90:f2:cc:93:6c:61:f7:10:2d:52:ea:ee:18:be:f3:54:8a:da:7e:25:70:5e:e0:83:b8:78:7e:bd:73:98

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\kebo76\rujire\dagewetamufa homesujemeha.pdb

Imports

kernel32

WriteConsoleInputW
lstrlenA
GetConsoleAliasesLengthW
CommConfigDialogA
FreeLibrary
InterlockedIncrement
CreateJobObjectW
GetNamedPipeHandleStateA
SetVolumeMountPointW
GetComputerNameW
FreeEnvironmentStringsA
GetModuleHandleW
GetProcessHeap
GetPrivateProfileStringW
GetConsoleTitleA
ReadConsoleW
GetWindowsDirectoryA
GetSystemWow64DirectoryA
CreateActCtxW
TlsSetValue
SetFileShortNameW
GetConsoleMode
GetVersionExW
LeaveCriticalSection
GlobalFlags
SetDllDirectoryA
MulDiv
VerifyVersionInfoA
IsDBCSLeadByte
GetModuleFileNameW
GetCompressedFileSizeA
GetPrivateProfileSectionNamesW
WritePrivateProfileStringW
SetCurrentDirectoryA
GetLastError
GetLongPathNameW
SetLastError
BackupRead
CreateNamedPipeA
SearchPathA
GetNumaHighestNodeNumber
GetPrivateProfileStringA
ProcessIdToSessionId
LocalAlloc
GetFileType
GetVolumePathNamesForVolumeNameA
GetModuleFileNameA
WriteProfileStringA
GetProcessShutdownParameters
FreeEnvironmentStringsW
BuildCommDCBA
VirtualProtect
CompareStringA
GetConsoleCursorInfo
OutputDebugStringA
FindFirstVolumeA
ReadConsoleInputW
FileTimeToLocalFileTime
GetSystemTime
TlsFree
CopyFileExA
CommConfigDialogW
ExitProcess
GetStartupInfoW
GetCommandLineW
HeapSetInformation
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedDecrement
DecodePointer
GetProcAddress
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
HeapValidate
IsBadReadPtr
EncodePointer
TlsAlloc
TlsGetValue
HeapCreate
WriteFile
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
EnterCriticalSection
LoadLibraryW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapReAlloc
HeapSize
HeapQueryInformation
HeapFree
RtlUnwind
WideCharToMultiByte
LCMapStringW
MultiByteToWideChar
GetStringTypeW
WriteConsoleW
OutputDebugStringW
IsProcessorFeaturePresent
SetFilePointer
GetConsoleCP
RaiseException
SetStdHandle
CreateFileW
CloseHandle
FlushFileBuffers

gdi32

GetBitmapBits

Sections

.text
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ton
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lokep
Size: 512B - Virtual size: 75B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01859e92eb5f1c78492a636dc46035c7

Code Sign

31:ce:70:dc:81:be:46:c6:e6:00:a2:72:81:4b:dc:60Certificate

10:fd:90:f2:cc:93:6c:61:f7:10:2d:52:ea:ee:18:be:f3:54:8a:da:7e:25:70:5e:e0:83:b8:78:7e:bd:73:98Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

gdi32

Sections

.text Size: 4.2MB - Virtual size: 4.2MB

.data Size: 4KB - Virtual size: 12.3MB

.ton Size: 1KB - Virtual size: 4KB

.lokep Size: 512B - Virtual size: 75B

.rsrc Size: 17KB - Virtual size: 17KB

.reloc Size: 52KB - Virtual size: 52KB

31:ce:70:dc:81:be:46:c6:e6:00:a2:72:81:4b:dc:60
Certificate

10:fd:90:f2:cc:93:6c:61:f7:10:2d:52:ea:ee:18:be:f3:54:8a:da:7e:25:70:5e:e0:83:b8:78:7e:bd:73:98
Signer

.text
Size: 4.2MB - Virtual size: 4.2MB

.data
Size: 4KB - Virtual size: 12.3MB

.ton
Size: 1KB - Virtual size: 4KB

.lokep
Size: 512B - Virtual size: 75B

.rsrc
Size: 17KB - Virtual size: 17KB

.reloc
Size: 52KB - Virtual size: 52KB