C:\zubipige\jexitumu\vihukeriwoz22\gogat.pdb
Static task
static1
Behavioral task
behavioral1
Sample
efe0742345c9ba2a1ea7077966b34c3ef14010415b4d8158d41b84487f07e78c.exe
Resource
win7-20241010-en
General
Target
JaffaCakes118_781d4cbc265b6ee0603f54c092a6ca5638e75ace30599a96244315078f9e6475
Size
186KB
MD5
8d6c8f3ee8ddac2c90286871a121b488
SHA1
b515696f4f30ac833c0590a4cb521316c61cd6c3
SHA256
781d4cbc265b6ee0603f54c092a6ca5638e75ace30599a96244315078f9e6475
SHA512
ca1c59a911dd25f408ee55e0268238a984be09c6af22f8f7241345c8d224038a67ee823f16e033cec96c87abe3aed84592ff3c0c857a414841639a3b3f20c904
SSDEEP
3072:IgVRw/Up1lNOnk4udMWoklZ+HgxMhmUVakEu34mbiQy/DonGaXFVCJdCwiNsqKXm:jzwoSk4eTligShmUVP34m8N2FWHXVokK
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/efe0742345c9ba2a1ea7077966b34c3ef14010415b4d8158d41b84487f07e78c
Files
JaffaCakes118_781d4cbc265b6ee0603f54c092a6ca5638e75ace30599a96244315078f9e6475.zip
efe0742345c9ba2a1ea7077966b34c3ef14010415b4d8158d41b84487f07e78c.exe windows:5 windows x86 arch:x86
2a3abe3f2c2c4342ffe3930eed2d0e9b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
FoldStringW
SetWaitableTimer
WaitNamedPipeA
CommConfigDialogW
SetSystemTimeAdjustment
SearchPathA
EnumResourceTypesA
GetCPInfoExA
EnumResourceTypesW
GetModuleFileNameA
WriteConsoleOutputCharacterW
GetConsoleAliasesLengthA
DeleteFileA
LocalAlloc
GetProcAddress
GetModuleHandleW
LoadLibraryW
AddRefActCtx
GetConsoleAliasW
FindFirstChangeNotificationA
GlobalAddAtomA
WritePrivateProfileStringW
EnumResourceNamesA
lstrcpynA
AddAtomA
GetConsoleAliasesLengthW
FreeConsole
SetPriorityClass
_lclose
SetCommMask
GetConsoleTitleW
CreateDirectoryExA
FillConsoleOutputCharacterW
GetCommandLineA
HeapSetInformation
GetStartupInfoW
SetUnhandledExceptionFilter
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
UnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
LeaveCriticalSection
EnterCriticalSection
HeapFree
Sleep
RtlUnwind
LCMapStringW
MultiByteToWideChar
GetStringTypeW
HeapSize
HeapAlloc
HeapReAlloc
IsProcessorFeaturePresent
advapi32
BackupEventLogW
CloseEventLog
DeregisterEventSource
GetNumberOfEventLogRecords
GetEventLogInformation
Sections
.text Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 190KB - Virtual size: 563KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ