JaffaCakes118_f5954cce413ce2a9efc23a5305119086

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_f5954cce413ce2a9efc23a5305119086
Size

10.5MB
MD5

f5954cce413ce2a9efc23a5305119086
SHA1

f32dc47cfbbeb1eda1346c75e57a920564d64357
SHA256

b7d7a39f5621f9e8844461563807c51d89433ffc61b322864d416db80d912569
SHA512

141cc87398d9417ad5e87c314f842de6c1cf4d8aff79f70602f8beea7d8adcf93102ed2a092b4aa64b03b49f7228306f7f3fd6cfa152471ef60e26f60fa0f9d3
SSDEEP

6144:dh3STswjk6CQXYrqNX53fVhBIixhIKIHFmfpBggggggggggggggggggggggggggg:vSbA6forqH3fPBTI/H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_f5954cce413ce2a9efc23a5305119086

Files

JaffaCakes118_f5954cce413ce2a9efc23a5305119086
.exe windows:5 windows x86 arch:x86

bb4951626fd6a58539f3c8da425b0e27

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\popagulid-se.pdb

Imports

kernel32

ExitProcess
GetFileSize
GlobalDeleteAtom
SetFilePointer
lstrlenA
TlsGetValue
GetConsoleAliasExesA
SetLocalTime
CommConfigDialogA
FreeLibrary
InterlockedDecrement
SetFirmwareEnvironmentVariableA
CreateDirectoryW
GetProfileSectionA
GetComputerNameW
SetTapeParameters
GetTickCount
CreateNamedPipeW
GetConsoleAliasesLengthA
GetPrivateProfileStringW
WriteFile
FindActCtxSectionStringA
EnumTimeFormatsW
CreateDirectoryExW
SetProcessPriorityBoost
ActivateActCtx
GlobalAlloc
GetSystemDirectoryW
LoadLibraryW
GetConsoleMode
SetCommConfig
_hread
SizeofResource
GetSystemWow64DirectoryW
SetSystemTimeAdjustment
GetSystemWindowsDirectoryA
GetVersionExW
InterlockedPopEntrySList
GlobalFlags
ReadFile
GetBinaryTypeW
GetOverlappedResult
CompareStringW
SetConsoleTitleA
GlobalUnlock
DeactivateActCtx
GetNamedPipeHandleStateW
VerifyVersionInfoW
ReleaseActCtx
GetStartupInfoA
GetCurrentDirectoryW
ReadConsoleOutputCharacterA
GetProcessHeaps
GetComputerNameExW
SetStdHandle
FreeUserPhysicalPages
SetComputerNameA
VerLanguageNameW
GetAtomNameA
LoadLibraryA
Process32FirstW
CreateSemaphoreW
SetCalendarInfoW
SetConsoleCtrlHandler
SetCurrentDirectoryW
WriteProfileSectionW
VirtualLock
SetConsoleWindowInfo
FindAtomA
WriteProfileStringA
GetProcessShutdownParameters
QueryMemoryResourceNotification
FreeEnvironmentStringsW
VirtualProtect
GetFileAttributesExW
GetCPInfoExA
_lopen
TlsAlloc
GetWindowsDirectoryW
GetVersion
GetVolumeNameForVolumeMountPointW
GetCurrentProcessId
LCMapStringW
CopyFileExA
DeleteFileA
CreateFileA
GetStartupInfoW
HeapValidate
IsBadReadPtr
RaiseException
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
DeleteCriticalSection
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
GetModuleHandleW
Sleep
InterlockedIncrement
GetProcAddress
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStdHandle
GetFileType
TlsSetValue
TlsFree
SetLastError
GetLastError
HeapDestroy
HeapCreate
HeapFree
VirtualFree
GetModuleFileNameA
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
RtlUnwind
WideCharToMultiByte
DebugBreak
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
FlushFileBuffers
GetConsoleCP
CloseHandle
WriteConsoleA
GetConsoleOutputCP

user32

GetCursorInfo

Sections

.text
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10.3MB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb4951626fd6a58539f3c8da425b0e27

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

Sections

.text Size: 115KB - Virtual size: 114KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 67KB - Virtual size: 91KB

.rsrc Size: 55KB - Virtual size: 55KB

.reloc Size: 10.3MB - Virtual size: 13KB

.text
Size: 115KB - Virtual size: 114KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 67KB - Virtual size: 91KB

.rsrc
Size: 55KB - Virtual size: 55KB

.reloc
Size: 10.3MB - Virtual size: 13KB