C:\hesaka\gakus\focahonoyaguy 5\hugot\16-hexohokufog50.pdb
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_da5fc1116d581cf024ca37d8ce816d4311bbe9e48c270c0be1eec4df0ccc5e34.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_da5fc1116d581cf024ca37d8ce816d4311bbe9e48c270c0be1eec4df0ccc5e34.exe
Resource
win10v2004-20241007-en
General
Target
JaffaCakes118_da5fc1116d581cf024ca37d8ce816d4311bbe9e48c270c0be1eec4df0ccc5e34
Size
829KB
MD5
734ae031b3a4a246f4211f4b378be099
SHA1
b98d03592af85cd345f8fd9db3bf1d575e6ce80a
SHA256
da5fc1116d581cf024ca37d8ce816d4311bbe9e48c270c0be1eec4df0ccc5e34
SHA512
11e80d519e59ca626e504eb44f7f801cc1c355f6282a1037e988b8dd089ed3ec2ca59df7cf3a3d04840f0ec3d431d510361e1ef2042573b44abec4488ff94c07
SSDEEP
12288:ThydzySr8NfwOM9uj0hJeA6h9f37TXVY+6PbGu0lDdqD0SUF5y3sTl9unnwQ7/X:NuJuQhJC9f37hYNb4A0X5y30lOwA
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_da5fc1116d581cf024ca37d8ce816d4311bbe9e48c270c0be1eec4df0ccc5e34
Files
JaffaCakes118_da5fc1116d581cf024ca37d8ce816d4311bbe9e48c270c0be1eec4df0ccc5e34.exe windows:5 windows x86 arch:x86
48cfe16a49c9dcec905547ba5c78e3fd
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
LocalFlags
GetConsoleTitleA
LoadLibraryW
InterlockedPopEntrySList
LeaveCriticalSection
WriteConsoleW
GetModuleFileNameW
lstrlenW
GetShortPathNameA
CreateDirectoryA
GetConsoleAliasesW
GetStdHandle
GetCPInfoExW
FillConsoleOutputCharacterW
SetLastError
SetMailslotInfo
WriteProfileSectionA
LoadLibraryA
LocalAlloc
SetCalendarInfoW
MoveFileA
SetProcessWorkingSetSize
SetConsoleWindowInfo
GetModuleFileNameA
GetModuleHandleA
FindFirstChangeNotificationA
FreeEnvironmentStringsW
VirtualProtect
GetFileAttributesExW
GetConsoleAliasesLengthW
WriteConsoleOutputCharacterA
UnregisterWait
SetStdHandle
CloseHandle
GetCommandLineW
HeapSetInformation
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
TerminateProcess
GetCurrentProcess
HeapAlloc
GetLastError
HeapFree
EnterCriticalSection
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
Sleep
WideCharToMultiByte
RtlUnwind
IsProcessorFeaturePresent
LCMapStringW
MultiByteToWideChar
GetStringTypeW
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
HeapSize
CreateFileW
gdi32
GetTextExtentExPointA
winhttp
WinHttpCloseHandle
Sections
.text Size: 677KB - Virtual size: 677KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 288KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.yedeta Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.cog Size: 1024B - Virtual size: 624B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.lap Size: 512B - Virtual size: 23B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.zero Size: 1024B - Virtual size: 963B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 120KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ