JaffaCakes118_4ed52beb87115613314a21d52638e6fb

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_4ed52beb87115613314a21d52638e6fb
Size

13.2MB
MD5

4ed52beb87115613314a21d52638e6fb
SHA1

f85427d24582cf1a66606d171f6718d93b141546
SHA256

60e01eabbc05e7a80be2f23ad0902b0598f433ac3bfd06e0371429893ceb57ea
SHA512

fcd09c63032cba0d290ebef76830f095e84ccb4671dd53e4423cfcbba1fe0945e00f91b00c68b135591768937c520e71acad14dc3a06492de0208c17dd9b0db9
SSDEEP

49152:MIc6CLNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN3:1c6C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_4ed52beb87115613314a21d52638e6fb

Files

JaffaCakes118_4ed52beb87115613314a21d52638e6fb
.exe windows:5 windows x86 arch:x86

420327dfffd46aadc98c63146719b596

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\kidiporifoyurenugoc47 patoyug xupibiga woyiweyixug jahodahey.pdb

Imports

kernel32

DosDateTimeToFileTime
SetDefaultCommConfigA
CreateMutexW
lstrlenA
_llseek
SetEndOfFile
BuildCommDCBAndTimeoutsA
WriteTapemark
CreateJobObjectW
GetNamedPipeHandleStateA
WaitForSingleObject
SetComputerNameW
CallNamedPipeW
WriteFile
SetCommState
SetProcessPriorityBoost
GetDriveTypeA
ActivateActCtx
GlobalAlloc
LoadLibraryW
TerminateThread
Sleep
CopyFileW
GetPrivateProfileStructW
GetSystemPowerStatus
GetConsoleWindow
GetSystemTimeAdjustment
DeleteVolumeMountPointW
LeaveCriticalSection
IsDBCSLeadByte
GetBinaryTypeW
GetOverlappedResult
GetACP
lstrlenW
RaiseException
DeactivateActCtx
GetProcAddress
GetTapeStatus
BeginUpdateResourceW
SetVolumeLabelW
LoadLibraryA
BuildCommDCBAndTimeoutsW
IsSystemResumeAutomatic
SetConsoleDisplayMode
SetConsoleOutputCP
SetCurrentDirectoryW
PostQueuedCompletionStatus
AddAtomA
GetTapeParameters
SetEnvironmentVariableA
EnumDateFormatsA
GetThreadPriority
GetCommTimeouts
GetCurrentDirectoryA
CompareStringA
_lopen
GetVersionExA
LocalSize
CopyFileExA
AreFileApisANSI
lstrcpyA
CloseHandle
CreateFileA
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
GetLastError
MoveFileA
HeapFree
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
ExitProcess
GetCommandLineA
GetStartupInfoA
GetCPInfo
RtlUnwind
LCMapStringW
LCMapStringA
GetStringTypeW
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
HeapSize
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetFilePointer
GetConsoleCP
GetConsoleMode
GetModuleHandleA
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers

winhttp

WinHttpCloseHandle

Exports

Exports

_futurama@4
_hiduk@8
_hockey@4
_husaberg@4
_hyppo@4
_lifan@8

Sections

.text
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 39.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.losac
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.locit
Size: 512B - Virtual size: 74B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13.0MB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

420327dfffd46aadc98c63146719b596

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

winhttp

Exports

Exports

Sections

.text Size: 147KB - Virtual size: 147KB

.rdata Size: 26KB - Virtual size: 26KB

.data Size: 8KB - Virtual size: 39.4MB

.losac Size: 1024B - Virtual size: 4KB

.locit Size: 512B - Virtual size: 74B

.rsrc Size: 13.0MB - Virtual size: 27KB

.text
Size: 147KB - Virtual size: 147KB

.rdata
Size: 26KB - Virtual size: 26KB

.data
Size: 8KB - Virtual size: 39.4MB

.losac
Size: 1024B - Virtual size: 4KB

.locit
Size: 512B - Virtual size: 74B

.rsrc
Size: 13.0MB - Virtual size: 27KB