JaffaCakes118_b6dbd2d0fbd8d9710a40e0f42753e68b

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_b6dbd2d0fbd8d9710a40e0f42753e68b
Size

233KB
MD5

b6dbd2d0fbd8d9710a40e0f42753e68b
SHA1

b073d500c013ce2cbed08bddcfa04eba0c4af22c
SHA256

299f191aa3decd3256c9c3522dd444321db8b45a49109ecd3ad14c57d6eccdb2
SHA512

33843e88ac3eb944192801a5555ef1abdc302d33419f9037bf8c23002fa1f72f0f10d3aa43ca45ea3d5cb39419e63611b361cc020ff714f3c33faff1f85d47f9
SSDEEP

3072:ggJYL+iU82IteL5hYcAhaW3q0Dj7VVkYvB5nxMwxWhoUqVRMlcK:ggJYLk6t5u0vZVkYzNWh2wp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_b6dbd2d0fbd8d9710a40e0f42753e68b

Files

JaffaCakes118_b6dbd2d0fbd8d9710a40e0f42753e68b
.exe windows:5 windows x86 arch:x86

52a801ad557f691bdac97057d8163224

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
VirtualProtect
SetThreadContext
SetConsoleCP
FlushViewOfFile
MapViewOfFile
FlushFileBuffers
GlobalAlloc
SetFileShortNameA
GetLastError
GetConsoleOutputCP
CreateMailslotA
LCMapStringW
WriteProfileSectionA
SetConsoleMode
FindVolumeMountPointClose
GetTickCount
LCMapStringA
GetStringTypeW
GetStringTypeA
GetStartupInfoW
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteConsoleA
WriteConsoleW
MultiByteToWideChar
SetFilePointer
SetStdHandle
InitializeCriticalSectionAndSpinCount
CloseHandle
CreateFileA
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
SetEndOfFile
GetProcessHeap
ReadFile
HeapSize
GetLocaleInfoA

user32

GetMenuStringA
SetPropW
GetMenuInfo

gdi32

SetICMProfileW

advapi32

ReportEventA

ole32

CoGetCurrentProcess

msimg32

TransparentBlt

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 7.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

52a801ad557f691bdac97057d8163224

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

msimg32

Sections

.text Size: 38KB - Virtual size: 38KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 5KB - Virtual size: 7.1MB

.rsrc Size: 158KB - Virtual size: 158KB

.reloc Size: 21KB - Virtual size: 21KB

.text
Size: 38KB - Virtual size: 38KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 5KB - Virtual size: 7.1MB

.rsrc
Size: 158KB - Virtual size: 158KB

.reloc
Size: 21KB - Virtual size: 21KB