C:\tuto\rugunabawem.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: dcc03a043124cdd79efa4032076db71d47f29e5e0f3fb3ec9337f1fa6e9d6d6e.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: dcc03a043124cdd79efa4032076db71d47f29e5e0f3fb3ec9337f1fa6e9d6d6e.exe
  Resource: win10v2004-20241007-en
General
- Target: JaffaCakes118_9a56bdde57d8b56ebda21782792001e185721ef160fcc83bd197837e0447cabd
- Size: 4.3MB
- MD5: d2db79f63a9b9c426ce35e036e0bae42
- SHA1: 9006f5fd08056316842242b1a8b37203da37e2df
- SHA256: 9a56bdde57d8b56ebda21782792001e185721ef160fcc83bd197837e0447cabd
- SHA512: 637e1be695804fef14aaec3f7cb73e7c2344357ade6f02ab73a26a3c0540accacfa74f3ed3ab05f6f643b090036eb281d9a9d19697f3c5c29a607b35c2e3bf24
- SSDEEP: 98304:au0KkU7KOU6QbDQOUQ+NAenGTEGqIjbsuvgVuQjOaw0zlcU6SK4r:au0ZU7lUsbe0GTLqIsuwOP0eHSJr
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource: unpack001/dcc03a043124cdd79efa4032076db71d47f29e5e0f3fb3ec9337f1fa6e9d6d6e
Files
- JaffaCakes118_9a56bdde57d8b56ebda21782792001e185721ef160fcc83bd197837e0447cabd.zip (Password: infected)
- dcc03a043124cdd79efa4032076db71d47f29e5e0f3fb3ec9337f1fa6e9d6d6e.exe  windows:5 windows x86 arch:x86
  0b7d0cfc3cf5ef8b4576040fae638eaf
Headers
DLL Characteristics:
  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics:
  IMAGE_FILE_RELOCS_STRIPPED
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_32BIT_MACHINE
PDB Paths:
Imports
kernel32
lstrlenA
CopyFileExW
SetEndOfFile
HeapAlloc
SetUnhandledExceptionFilter
WritePrivateProfileSectionA
GetModuleHandleExW
GetProfileSectionA
SetVolumeMountPointW
OpenSemaphoreA
EnumTimeFormatsW
CreateActCtxW
SetProcessPriorityBoost
GetDriveTypeA
LoadLibraryW
TerminateThread
ReadConsoleInputA
CopyFileW
GetPrivateProfileStructW
GlobalFlags
WritePrivateProfileStructW
SetConsoleMode
SetTimeZoneInformation
VerifyVersionInfoA
WriteConsoleW
GetBinaryTypeA
GetAtomNameW
IsDBCSLeadByte
ReadFile
CreateFileW
CompareStringW
GetACP
CreateDirectoryA
InterlockedExchange
SetCurrentDirectoryA
FindFirstFileA
OpenMutexW
GlobalFix
SetLastError
GetThreadLocale
GetProcAddress
GetComputerNameExW
IsValidCodePage
SetComputerNameA
GetTempFileNameA
ResetEvent
OpenWaitableTimerA
LoadLibraryA
WriteConsoleA
UnhandledExceptionFilter
LocalAlloc
GetFileType
WriteProfileSectionW
AddAtomA
SetCommMask
SetSystemTime
SetEnvironmentVariableA
GetModuleFileNameA
SetConsoleCursorInfo
SetConsoleTitleW
GetModuleHandleA
DebugBreakProcess
FreeEnvironmentStringsW
BuildCommDCBA
GetCurrentDirectoryA
GetCPInfoExA
SetCalendarInfoA
GetVersionExA
ReadConsoleOutputCharacterW
TlsFree
LCMapStringW
GetVolumeInformationW
SetStdHandle
CloseHandle
GetHandleInformation
FillConsoleOutputCharacterA
GetCommandLineW
HeapSetInformation
GetStartupInfoW
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
DecodePointer
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
EncodePointer
GetModuleFileNameW
IsProcessorFeaturePresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedIncrement
InterlockedDecrement
GetModuleHandleW
ExitProcess
GetEnvironmentStringsW
HeapValidate
IsBadReadPtr
TlsAlloc
TlsGetValue
TlsSetValue
GetLastError
HeapCreate
WriteFile
OutputDebugStringA
OutputDebugStringW
RtlUnwind
MultiByteToWideChar
GetOEMCP
GetCPInfo
RaiseException
HeapReAlloc
HeapSize
HeapQueryInformation
HeapFree
FlushFileBuffers
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
GetStringTypeW
SetFilePointer
user32
GetMessageTime
GetMenuCheckMarkDimensions
advapi32
AdjustTokenPrivileges
Sections
.text   Size: 4.3MB - Virtual size: 4.3MB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata  Size: 44KB - Virtual size: 44KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data   Size: 21KB - Virtual size: 41KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc   Size: 21KB - Virtual size: 4.7MB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ