JaffaCakes118_43684bb4a9de7f90f1faab9fd2183891eb8a3a4ee635fd9a72995abae47b90fa

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_43684bb4a9de7f90f1faab9fd2183891eb8a3a4ee635fd9a72995abae47b90fa
Size

677KB
MD5

acabc7ffad1d8128582613418976c0cb
SHA1

864e6877a76543e1a5e0ad561bd053a3b1a1c4a4
SHA256

43684bb4a9de7f90f1faab9fd2183891eb8a3a4ee635fd9a72995abae47b90fa
SHA512

6ee15918a92f5990f864e43dd29c130ab67d2851f2721adb11f1ae025f207a3b2cca4e9fe9e43d623ac0123a12bd4d96a486454372fcf95f680ed8a413c2adbe
SSDEEP

12288:X7CybTT1JyeNvup0t6X9UrXedoxFwAe5g41IcLHtJPh2ZVhhOnYtuE1urwU3Wrth:X7CCJEeNv6ee9UhuVg4ecLNH2ZQYtuYp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/299a64d47dbc636d81fc76f4c6837c5c0faf4e0a8aa8460dfb8877c2d7fa41d0

Files

JaffaCakes118_43684bb4a9de7f90f1faab9fd2183891eb8a3a4ee635fd9a72995abae47b90fa
.zip
299a64d47dbc636d81fc76f4c6837c5c0faf4e0a8aa8460dfb8877c2d7fa41d0
.exe windows:5 windows x86 arch:x86

8e49cd737c177fb9961f518322505e61

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\ziyujexejo_luy98-muciw-pebubeneyumal\roxa.pdb

Imports

kernel32

VerifyVersionInfoA
VerifyVersionInfoW
WriteConsoleInputA
EnumDateFormatsW
FindNextFileW
CopyFileExA
DnsHostnameToComputerNameW
ReadConsoleOutputCharacterW
SetConsoleActiveScreenBuffer
LockFile
GetProfileSectionA
QueryDosDeviceW
RequestWakeupLatency
GetProcessPriorityBoost
GetDriveTypeW
GlobalGetAtomNameA
DeleteFileA
FindNextVolumeMountPointW
TlsGetValue
SizeofResource
WriteConsoleInputW
GetConsoleTitleW
GetComputerNameExW
OpenEventA
CallNamedPipeA
GetModuleHandleW
GetSystemDirectoryA
GetDriveTypeA
BuildCommDCBAndTimeoutsA
GetProcAddress
GetModuleHandleA
GetShortPathNameA
GetCommandLineW
InterlockedIncrement
InterlockedExchange
CopyFileW
CreateActCtxW
FormatMessageW
EnterCriticalSection
FindNextVolumeW
CreateIoCompletionPort
LoadLibraryA
CreateNamedPipeW
GetSystemDefaultLangID
GetConsoleAliasesLengthA
WriteProfileSectionW
AddAtomW
InterlockedDecrement
HeapFree
_hwrite
InterlockedCompareExchange
GetStartupInfoW
CreateMailslotW
GetCPInfoExW
GetSystemWow64DirectoryW
GetLastError
GetPrivateProfileIntW
GetConsoleAliasExesLengthW
DebugBreak
SetLastError
LoadLibraryW
FindNextFileA
VirtualAlloc
GetACP
lstrcpyA
GetConsoleAliasA
GetDiskFreeSpaceExA
TerminateProcess
EnumResourceLanguagesA
SetConsoleTextAttribute
GlobalGetAtomNameW
CreateJobSet
MoveFileW
lstrcpynA
EnumSystemLocalesA
GetPrivateProfileSectionNamesW
GetFileAttributesW
FileTimeToSystemTime
CopyFileA
GetTapeParameters
lstrcmpW
SetEvent
MoveFileA
CreateMutexA
FindResourceW
GetCommState
FormatMessageA
CreateFiber
GetConsoleFontSize
LocalAlloc
SetFileShortNameA
lstrcpyW
HeapLock
GetFileAttributesA
SetCalendarInfoW
GetSystemWindowsDirectoryW
GetConsoleAliasesW
EnumDateFormatsExW
GetComputerNameW
GetPrivateProfileStructW
_hread
LocalFlags
OpenWaitableTimerA
EnumResourceNamesW
CreateFileMappingW
SetProcessShutdownParameters
lstrcpynW
WriteConsoleW
FreeUserPhysicalPages
WriteConsoleOutputCharacterW
OpenJobObjectW
CreateFileW
SetCurrentDirectoryA
GlobalWire
GetFileInformationByHandle
GetProfileSectionW
CommConfigDialogW
CreateFileA
GetDefaultCommConfigA
LocalFree
Sleep
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
RaiseException
RtlUnwind
WideCharToMultiByte
GetCommandLineA
GetStartupInfoA
HeapValidate
IsBadReadPtr
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleFileNameW
GetCurrentProcess
IsDebuggerPresent
TlsAlloc
TlsSetValue
GetCurrentThreadId
TlsFree
GetOEMCP
GetCPInfo
IsValidCodePage
SetFilePointer
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
WriteFile
HeapAlloc
HeapSize
HeapReAlloc
FlushFileBuffers
GetConsoleCP
GetConsoleMode
OutputDebugStringA
OutputDebugStringW
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
CloseHandle

user32

CharToOemBuffW
CharUpperA
GetMessageTime
LoadMenuA

advapi32

AbortSystemShutdownW

Sections

.text
Size: 198KB - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 586KB - Virtual size: 622KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tixizej
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yab
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.soxona
Size: 512B - Virtual size: 150B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e49cd737c177fb9961f518322505e61

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

Sections

.text Size: 198KB - Virtual size: 197KB

.data Size: 586KB - Virtual size: 622KB

.tixizej Size: 1024B - Virtual size: 1024B

.yab Size: 1024B - Virtual size: 1024B

.soxona Size: 512B - Virtual size: 150B

.rsrc Size: 26KB - Virtual size: 26KB

.text
Size: 198KB - Virtual size: 197KB

.data
Size: 586KB - Virtual size: 622KB

.tixizej
Size: 1024B - Virtual size: 1024B

.yab
Size: 1024B - Virtual size: 1024B

.soxona
Size: 512B - Virtual size: 150B

.rsrc
Size: 26KB - Virtual size: 26KB