JaffaCakes118_5464df8918e5977f6e16e1f39898b92b5b69a4f0ab6d2f3374bf0b4aca246eee

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_5464df8918e5977f6e16e1f39898b92b5b69a4f0ab6d2f3374bf0b4aca246eee
Size

299KB
MD5

fc7e642644626b8857777f4b253f115d
SHA1

17b38fb3dd5826a4f6d5208dbd2292011b13ee28
SHA256

5464df8918e5977f6e16e1f39898b92b5b69a4f0ab6d2f3374bf0b4aca246eee
SHA512

6799435871d1dd58f240cff67b5c3718609c5b679d84bae4552901561e37f2ac8dd3fb68ba20538e7dcdc02a6a5cac6e25f48906da0722280ac17144295f4b14
SSDEEP

6144:f/blk14f8PO3ZCxKjlndRHaTQPr4EZdtgIP:fZbrCxKXRHaTQ0KQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_5464df8918e5977f6e16e1f39898b92b5b69a4f0ab6d2f3374bf0b4aca246eee

Files

JaffaCakes118_5464df8918e5977f6e16e1f39898b92b5b69a4f0ab6d2f3374bf0b4aca246eee
.exe windows:5 windows x86 arch:x86

11caefc927578dff0bd17e4ef4b3bd12

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\xijusucosufi\xokevabateji\pifi84 jamagi-lebojotiru.pdb

Imports

kernel32

CallNamedPipeW
TerminateThread
GetExitCodeProcess
GetVersionExA
SetConsoleCP
GetConsoleAliasesLengthW
GetDefaultCommConfigA
FindFirstFileExA
GetDriveTypeA
FreeEnvironmentStringsA
SetProcessPriorityBoost
SetVolumeMountPointA
GetLongPathNameA
CopyFileW
TlsGetValue
SetConsoleCursorInfo
GlobalHandle
TzSpecificLocalTimeToSystemTime
FindAtomA
ReleaseSemaphore
GetNamedPipeHandleStateA
CreateMailslotW
BuildCommDCBAndTimeoutsA
VirtualProtect
GetModuleHandleA
LocalAlloc
TryEnterCriticalSection
TlsSetValue
GetCommandLineA
InterlockedExchange
GetCalendarInfoA
DeleteFileW
CreateActCtxA
CreateRemoteThread
CreateThread
GetPriorityClass
WritePrivateProfileStringW
GetProcessHeaps
GetProcessHeap
GlobalUnWire
ReadConsoleOutputCharacterW
GetStartupInfoA
GetDiskFreeSpaceExW
GetCPInfoExA
GetWindowsDirectoryW
GetSystemWow64DirectoryW
GetProfileStringA
WriteProfileSectionW
GetProfileStringW
GetLastError
GetStringTypeExW
DebugBreak
GetPrivateProfileSectionA
lstrcmpW
WriteFile
GetConsoleMode
TerminateProcess
GetThreadSelectorEntry
lstrcatA
CreateActCtxW
SetMailslotInfo
GetSystemTimeAdjustment
DefineDosDeviceW
EndUpdateResourceW
WriteConsoleW
GetPrivateProfileStructA
HeapLock
DisableThreadLibraryCalls
PeekConsoleInputW
GetTapeStatus
TransmitCommChar
WaitNamedPipeW
FindResourceExA
GetLocalTime
GetOverlappedResult
CreateSemaphoreW
SetThreadLocale
SetFileShortNameW
lstrcpyW
VerLanguageNameW
LockFile
GetConsoleAliasA
EnumDateFormatsW
GetWriteWatch
GetNumberOfConsoleInputEvents
WriteConsoleOutputCharacterA
GetConsoleAliasExesLengthW
OpenMutexW
GetComputerNameW
HeapFree
SetLastError
OpenMutexA
LocalReAlloc
SetCommMask
SetMessageWaitingIndicator
FindClose
PostQueuedCompletionStatus
AreFileApisANSI
SetWaitableTimer
EnumResourceNamesW
GetProcessHandleCount
FatalAppExitA
lstrcpynW
GetNamedPipeInfo
FillConsoleOutputCharacterW
GetCompressedFileSizeA
FindNextVolumeMountPointA
GetFullPathNameW
WriteProfileStringW
SetHandleCount
GlobalAddAtomA
TerminateJobObject
QueryDosDeviceA
InitializeCriticalSection
Process32FirstW
SetCurrentDirectoryA
GetBinaryTypeA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
MoveFileA
RaiseException
GetStartupInfoW
HeapValidate
IsBadReadPtr
GetCurrentProcess
IsDebuggerPresent
GetModuleFileNameW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleW
Sleep
InterlockedIncrement
InterlockedDecrement
GetProcAddress
ExitProcess
GetModuleFileNameA
GetStdHandle
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
TlsAlloc
TlsFree
HeapDestroy
HeapCreate
VirtualFree
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
SetFilePointer
WideCharToMultiByte
GetConsoleCP
OutputDebugStringA
OutputDebugStringW
LoadLibraryW
MultiByteToWideChar
RtlUnwind
InitializeCriticalSectionAndSpinCount
LoadLibraryA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
FlushFileBuffers
ReadFile
CreateFileA
CloseHandle

Sections

.text
Size: 237KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nehey
Size: 512B - Virtual size: 5B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tecote
Size: 512B - Virtual size: 75B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fepacu
Size: 512B - Virtual size: 234B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ror
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

11caefc927578dff0bd17e4ef4b3bd12

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Sections

.text Size: 237KB - Virtual size: 236KB

.data Size: 5KB - Virtual size: 72KB

.nehey Size: 512B - Virtual size: 5B

.tecote Size: 512B - Virtual size: 75B

.fepacu Size: 512B - Virtual size: 234B

.ror Size: 3KB - Virtual size: 3KB

.rsrc Size: 36KB - Virtual size: 36KB

.reloc Size: 15KB - Virtual size: 14KB

.text
Size: 237KB - Virtual size: 236KB

.data
Size: 5KB - Virtual size: 72KB

.nehey
Size: 512B - Virtual size: 5B

.tecote
Size: 512B - Virtual size: 75B

.fepacu
Size: 512B - Virtual size: 234B

.ror
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 36KB - Virtual size: 36KB

.reloc
Size: 15KB - Virtual size: 14KB