JaffaCakes118_015dc29ff203fe924e29304a394acd5f

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_015dc29ff203fe924e29304a394acd5f
Size

259KB
MD5

015dc29ff203fe924e29304a394acd5f
SHA1

411c6cfb1cef5788f6ef3f213c05e5ae143ee6ea
SHA256

4068134aa9735e766730dfecdfcdf42271748bd2e1fb97179fe0828c0e4a9b00
SHA512

72cac5acf15d9d61fb93e97cd3837ea6844ca0a0f26bc6593f684d21697b56b360099f4c642192bac606aa75f84065ebf89c9b5ca51df2044ed064499344163b
SSDEEP

6144:f3tMcM0vfC9eyIN4mZpMksmy75/cyCtO/IzWve:/Cr0S9eyIN7ZpMksx7Zc70/s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_015dc29ff203fe924e29304a394acd5f

Files

JaffaCakes118_015dc29ff203fe924e29304a394acd5f
.exe windows:4 windows x86 arch:x86

88f2c6a17dba475d6656a78d677ab55f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetVersionExA
GetProcessHeap
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleA
ExitProcess
TlsAlloc
GetLastError
Sleep
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
InitializeCriticalSection
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetProcAddress

loadperf

SetServiceAsTrustedW
UpdatePerfNameFilesW
BackupPerfRegistryToFileW

faultrep

AddERExcludedApplicationW

Sections

CODE
Size: 1024B - Virtual size: 911B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wGF
Size: 3KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 107KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Wogk
Size: 3KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 111KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ExEP
Size: 1024B - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88f2c6a17dba475d6656a78d677ab55f

Headers

File Characteristics

Imports

kernel32

loadperf

faultrep

Sections

CODE Size: 1024B - Virtual size: 911B

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 1KB - Virtual size: 46KB

.wGF Size: 3KB - Virtual size: 258KB

.edata Size: 107KB - Virtual size: 173KB

.Wogk Size: 3KB - Virtual size: 352KB

.data Size: 8KB - Virtual size: 187KB

.edata Size: 111KB - Virtual size: 154KB

.ExEP Size: 1024B - Virtual size: 197KB

.rsrc Size: 8KB - Virtual size: 8KB

CODE
Size: 1024B - Virtual size: 911B

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 1KB - Virtual size: 46KB

.wGF
Size: 3KB - Virtual size: 258KB

.edata
Size: 107KB - Virtual size: 173KB

.Wogk
Size: 3KB - Virtual size: 352KB

.data
Size: 8KB - Virtual size: 187KB

.edata
Size: 111KB - Virtual size: 154KB

.ExEP
Size: 1024B - Virtual size: 197KB

.rsrc
Size: 8KB - Virtual size: 8KB