JaffaCakes118_467c2fcd367c964c7d347a86b12f431d5178760336360d82d02492fb4e189fb4

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_467c2fcd367c964c7d347a86b12f431d5178760336360d82d02492fb4e189fb4
Size

169KB
MD5

0f8e3d40f63140e6d94672c2398cedb6
SHA1

0ee161a2e25b21bed17edca096836bb874a0135f
SHA256

467c2fcd367c964c7d347a86b12f431d5178760336360d82d02492fb4e189fb4
SHA512

11c85084d3c0db1a9b4fa2b83826c313ac5d4ca1ea3f2253a49a100a9a135f5ffdbfca6c5b88ec898d1001bd78b450e2dbc5d82876c8848593981d2051d6d10b
SSDEEP

3072:ePmXKeALDeYAJoHMWR2Oceh7XVmQdrUJY:NKe4eYHRWApnU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_467c2fcd367c964c7d347a86b12f431d5178760336360d82d02492fb4e189fb4

Files

JaffaCakes118_467c2fcd367c964c7d347a86b12f431d5178760336360d82d02492fb4e189fb4
.exe windows:5 windows x86 arch:x86

df20e941b7aae524e8c7295e606402fe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\pinutuzositi defuha\misudeg\fes\senimefumijefe waceciz.pdb

Imports

kernel32

SetThreadContext
GetDefaultCommConfigW
HeapAlloc
HeapFree
GetEnvironmentStringsW
SetConsoleScreenBufferSize
BackupSeek
GlobalAlloc
GetFirmwareEnvironmentVariableA
LoadLibraryW
SizeofResource
GetTapePosition
WriteConsoleW
GetLastError
GetProcAddress
VirtualAlloc
LoadLibraryA
WriteConsoleA
BeginUpdateResourceA
GetModuleFileNameA
SetConsoleCursorInfo
UpdateResourceW
AddConsoleAliasA
FindNextVolumeA
LCMapStringW
lstrcpyA
GetAtomNameW
SetProcessAffinityMask
CreateFileW
GetStringTypeW
EncodePointer
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
HeapCreate
Sleep
HeapSize
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
RtlUnwind
SetHandleCount
GetFileType
DeleteCriticalSection
SetFilePointer
CloseHandle
FreeEnvironmentStringsW
WideCharToMultiByte
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RaiseException
HeapReAlloc
CreateFileA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
SetStdHandle
FlushFileBuffers
SetEndOfFile
GetProcessHeap
MultiByteToWideChar
ReadFile

user32

GetCursorPos

gdi32

GetCharWidth32A

advapi32

DeregisterEventSource

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hibo
Size: 1024B - Virtual size: 626B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wuwefiw
Size: 512B - Virtual size: 23B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.boduga
Size: 1024B - Virtual size: 963B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df20e941b7aae524e8c7295e606402fe

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 106KB - Virtual size: 106KB

.rdata Size: 19KB - Virtual size: 18KB

.data Size: 6KB - Virtual size: 36KB

.hibo Size: 1024B - Virtual size: 626B

.wuwefiw Size: 512B - Virtual size: 23B

.boduga Size: 1024B - Virtual size: 963B

.rsrc Size: 34KB - Virtual size: 34KB

.text
Size: 106KB - Virtual size: 106KB

.rdata
Size: 19KB - Virtual size: 18KB

.data
Size: 6KB - Virtual size: 36KB

.hibo
Size: 1024B - Virtual size: 626B

.wuwefiw
Size: 512B - Virtual size: 23B

.boduga
Size: 1024B - Virtual size: 963B

.rsrc
Size: 34KB - Virtual size: 34KB