JaffaCakes118_bcab11e14d281232fd89ecbd980282470b5d7c451ed76f0d6bb5509991c176ac

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_bcab11e14d281232fd89ecbd980282470b5d7c451ed76f0d6bb5509991c176ac
Size

254KB
MD5

3e043f2612e852802ff985d954946303
SHA1

f930345bf9605d7c343067c234b5985eec755aff
SHA256

bcab11e14d281232fd89ecbd980282470b5d7c451ed76f0d6bb5509991c176ac
SHA512

eb7be1f0017628ad12a9f5d37c38d2cbc10f9f5c62a031b669b39fa8118e43dfd0358ace83e94d6b7159c705d32f4c5f8814cde0489a33895528fca158708956
SSDEEP

3072:N0Op87yjsXyye+S0k3Ge2NnU5Z4mBwFkASvIlPfcRjOIqvMRbY8YhVccii+duBpp:dEyh2eV4mkkASgNajOILRsN/ccngHR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_bcab11e14d281232fd89ecbd980282470b5d7c451ed76f0d6bb5509991c176ac

Files

JaffaCakes118_bcab11e14d281232fd89ecbd980282470b5d7c451ed76f0d6bb5509991c176ac
.exe windows:5 windows x86 arch:x86

01859e92eb5f1c78492a636dc46035c7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\batapihagovaba 3\lexutilepo_tesot\riniki luyogehevuz-wi.pdb

Imports

kernel32

WriteConsoleInputW
lstrlenA
GetConsoleAliasesLengthW
CommConfigDialogA
FreeLibrary
InterlockedIncrement
CreateJobObjectW
GetNamedPipeHandleStateA
SetVolumeMountPointW
GetComputerNameW
FreeEnvironmentStringsA
GetModuleHandleW
GetProcessHeap
GetPrivateProfileStringW
GetConsoleTitleA
ReadConsoleW
GetWindowsDirectoryA
GetSystemWow64DirectoryA
CreateActCtxW
TlsSetValue
SetFileShortNameW
GetConsoleMode
GetVersionExW
LeaveCriticalSection
GlobalFlags
SetDllDirectoryA
MulDiv
VerifyVersionInfoA
IsDBCSLeadByte
GetModuleFileNameW
GetCompressedFileSizeA
GetPrivateProfileSectionNamesW
WritePrivateProfileStringW
SetCurrentDirectoryA
GetLastError
GetLongPathNameW
SetLastError
BackupRead
CreateNamedPipeA
SearchPathA
GetNumaHighestNodeNumber
GetPrivateProfileStringA
ProcessIdToSessionId
LocalAlloc
GetFileType
GetVolumePathNamesForVolumeNameA
GetModuleFileNameA
WriteProfileStringA
GetProcessShutdownParameters
FreeEnvironmentStringsW
BuildCommDCBA
VirtualProtect
CompareStringA
GetConsoleCursorInfo
OutputDebugStringA
FindFirstVolumeA
ReadConsoleInputW
FileTimeToLocalFileTime
GetSystemTime
TlsFree
CopyFileExA
CommConfigDialogW
ExitProcess
GetStartupInfoW
GetCommandLineW
HeapSetInformation
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedDecrement
DecodePointer
GetProcAddress
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
HeapValidate
IsBadReadPtr
EncodePointer
TlsAlloc
TlsGetValue
HeapCreate
WriteFile
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
EnterCriticalSection
LoadLibraryW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapReAlloc
HeapSize
HeapQueryInformation
HeapFree
RtlUnwind
WideCharToMultiByte
LCMapStringW
MultiByteToWideChar
GetStringTypeW
WriteConsoleW
OutputDebugStringW
IsProcessorFeaturePresent
SetFilePointer
GetConsoleCP
RaiseException
SetStdHandle
CreateFileW
CloseHandle
FlushFileBuffers

gdi32

GetBitmapBits

Sections

.text
Size: 187KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zosake
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xahu
Size: 512B - Virtual size: 75B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01859e92eb5f1c78492a636dc46035c7

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

gdi32

Sections

.text Size: 187KB - Virtual size: 186KB

.data Size: 4KB - Virtual size: 12.3MB

.zosake Size: 1KB - Virtual size: 4KB

.xahu Size: 512B - Virtual size: 75B

.rsrc Size: 17KB - Virtual size: 17KB

.reloc Size: 42KB - Virtual size: 42KB

.text
Size: 187KB - Virtual size: 186KB

.data
Size: 4KB - Virtual size: 12.3MB

.zosake
Size: 1KB - Virtual size: 4KB

.xahu
Size: 512B - Virtual size: 75B

.rsrc
Size: 17KB - Virtual size: 17KB

.reloc
Size: 42KB - Virtual size: 42KB