JaffaCakes118_c077d664f953607162a99c61e05cd65110f848cbfcc4140ab6d0429fca29f0dc

Sharing

Copy URL Twitter E-mail

General

Target

JaffaCakes118_c077d664f953607162a99c61e05cd65110f848cbfcc4140ab6d0429fca29f0dc
Size

157KB
MD5

3bb0a31288d781001d33aeedf06dd8dc
SHA1

981e01149abcd4418142f41758787cf91c97e9c5
SHA256

c077d664f953607162a99c61e05cd65110f848cbfcc4140ab6d0429fca29f0dc
SHA512

c0e8728c316b22fb7ac1e3fde375217240c9ac6f572c8af843f068cde53193534070a62484cbb504ece5e0f09a7d06256e2c940cf36a649741716b001d796c3d
SSDEEP

1536:o7iZ6fjIz/BBE9T6WKPeazpJn1ro7PAak0Am4xz3eyfAQpCJyGUx8z6CDzMAOjM0:+EtUJfg0sz3Jt0JVNxDOI5R4T9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_c077d664f953607162a99c61e05cd65110f848cbfcc4140ab6d0429fca29f0dc

Files

JaffaCakes118_c077d664f953607162a99c61e05cd65110f848cbfcc4140ab6d0429fca29f0dc
.exe windows:5 windows x86 arch:x86

1e9673fd053a72437930c0bf72ec70cb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\puhuvana-mocomodov51\godenolalavu.pdb

Imports

kernel32

LoadResource
HeapAlloc
GetConsoleAliasA
SetEnvironmentVariableW
GetEnvironmentStringsW
AddConsoleAliasW
FlushConsoleInputBuffer
GetTickCount
SetConsoleCursorPosition
WriteConsoleW
LCMapStringA
SetLastError
GetProcAddress
VirtualAlloc
BeginUpdateResourceW
GetAtomNameA
LoadLibraryA
LocalAlloc
GetModuleFileNameA
EraseTape
FindNextVolumeA
lstrcpyA
SetProcessAffinityMask
CreateFileW
ReadFile
EncodePointer
DecodePointer
GetModuleHandleW
ExitProcess
GetCommandLineW
HeapSetInformation
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
GetLastError
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
RtlUnwind
SetFilePointer
HeapFree
CloseHandle
LoadLibraryW
WriteFile
GetModuleFileNameW
FreeEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
Sleep
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
CreateFileA
SetStdHandle
FlushFileBuffers
HeapSize
RaiseException
LCMapStringW
MultiByteToWideChar
GetStringTypeW
HeapReAlloc
SetEndOfFile
GetProcessHeap

user32

SetCursorPos

gdi32

GetCharWidth32A

advapi32

CloseEventLog

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.befum
Size: 1024B - Virtual size: 626B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e9673fd053a72437930c0bf72ec70cb

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 106KB - Virtual size: 105KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 6KB - Virtual size: 36KB

.befum Size: 1024B - Virtual size: 626B

.rsrc Size: 26KB - Virtual size: 26KB

.text
Size: 106KB - Virtual size: 105KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 6KB - Virtual size: 36KB

.befum
Size: 1024B - Virtual size: 626B

.rsrc
Size: 26KB - Virtual size: 26KB