JaffaCakes118_9a6634e15c4188c85396689914f6519b

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_9a6634e15c4188c85396689914f6519b
Size

480KB
MD5

9a6634e15c4188c85396689914f6519b
SHA1

67ebfdab093c22fe032d9ee2d97c5d6516cce844
SHA256

28d1bad8ff4c76932554da8840addffcf8a3febc48efb69465e5aee4fc378351
SHA512

b2b47de7913878190bafe18e145bf7722bbf257629cb936e81546ce4294277cd1231f6d33451c9d9bc18e23720ae4fecae3ae414040ddf37f62e0413e0a7fcd7
SSDEEP

12288:472k2IusGmBRl4P2hOo4qbJzzL+geBoP:lsGmDl02hOgneBK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_9a6634e15c4188c85396689914f6519b

Files

JaffaCakes118_9a6634e15c4188c85396689914f6519b
.exe windows:4 windows x86 arch:x86

730920689a93e280db80c949508fd4d5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetModuleFileNameExA

kernel32

WideCharToMultiByte
GetCurrentProcess
LockResource
LoadResource
FindResourceA
ExitProcess
WriteProcessMemory
VirtualProtectEx
WaitForSingleObject
CreateThread
VirtualAlloc
GetProcAddress
LoadLibraryA
IsBadReadPtr
VirtualProtect
HeapAlloc
GetCommandLineA
HeapFree
GetVersionExA
GetProcessHeap
GetStartupInfoA
RaiseException
GetLastError
CloseHandle
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
ReadFile
DeleteCriticalSection
VirtualFree
HeapReAlloc
HeapDestroy
HeapCreate
GetModuleHandleA
WriteFile
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
SetFilePointer
RtlUnwind
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
HeapSize
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
InitializeCriticalSection
CreateFileA
GetCPInfo
GetACP
GetOEMCP
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoA
SetEndOfFile
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 400KB - Virtual size: 399KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 488KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

730920689a93e280db80c949508fd4d5

Headers

File Characteristics

Imports

psapi

kernel32

Sections

.text Size: 48KB - Virtual size: 46KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 400KB - Virtual size: 399KB

.reloc Size: 8KB - Virtual size: 5KB

.bss Size: - Virtual size: 488KB

.text
Size: 48KB - Virtual size: 46KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 400KB - Virtual size: 399KB

.reloc
Size: 8KB - Virtual size: 5KB

.bss
Size: - Virtual size: 488KB