e8052fbfd02396ef04a3814d2d51fd63_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e8052fbfd02396ef04a3814d2d51fd63_JaffaCakes118
Size

862KB
MD5

e8052fbfd02396ef04a3814d2d51fd63
SHA1

42ce5b397f41adbf269a2c61be70beb6a7359c00
SHA256

b0d20d8700427289263c80f1dc04b6c85b7d124738f07b02a5bdde5e6931198e
SHA512

ce84cc891c0abbb77b9a41882f926bb49dbcd87e9f703e3bd1f915127b0d8324cd25a4dedbfa64540825d36823247e3cdb4f3d7e3c75cc8a5914dd8fb3f3a8e2
SSDEEP

12288:/w4EnzBt2pFz9Kq3Y6GmDhUqFccF0KJA4rekVaYkIiL5lWGbAMrExsM7aVyLPFPI:EGpFJKqe8cc7A4reKxfOWGHm7lPt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e8052fbfd02396ef04a3814d2d51fd63_JaffaCakes118

Files

e8052fbfd02396ef04a3814d2d51fd63_JaffaCakes118
.exe windows:4 windows x86 arch:x86

41ba318c9f3478f5e03150179340cb37

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AccessCheck
BuildSecurityDescriptorA
CryptDestroyHash
CryptHashSessionKey
FindFirstFreeAce
GetSecurityDescriptorControl
ObjectDeleteAuditAlarmA

kernel32

lstrlen

shlwapi

PathQuoteSpacesA
StrIsIntlEqualA

user32

EndMenu
EnumClipboardFormats
EnumDisplayMonitors
GetComboBoxInfo
GetTopWindow
InvalidateRect
SetKeyboardState
SetWindowContextHelpId
SetWindowRgn
ShowWindowAsync
VkKeyScanA

Sections

.kfs
Size: 638KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zalwd
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edgh
Size: 19KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kfw
Size: 512B - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bcfa
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rkxql
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yzozk
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nmb
Size: 49KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gpwbu
Size: 123KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41ba318c9f3478f5e03150179340cb37

Headers

File Characteristics

Imports

advapi32

kernel32

shlwapi

user32

Sections

.kfs Size: 638KB - Virtual size: 1.3MB

.zalwd Size: 6KB - Virtual size: 8KB

.edgh Size: 19KB - Virtual size: 27KB

.kfw Size: 512B - Virtual size: 21KB

.bcfa Size: 6KB - Virtual size: 15KB

.rkxql Size: 512B - Virtual size: 56B

.yzozk Size: 512B - Virtual size: 24B

.nmb Size: 49KB - Virtual size: 77KB

.gpwbu Size: 123KB - Virtual size: 1.7MB

.rsrc Size: 18KB - Virtual size: 20KB

.kfs
Size: 638KB - Virtual size: 1.3MB

.zalwd
Size: 6KB - Virtual size: 8KB

.edgh
Size: 19KB - Virtual size: 27KB

.kfw
Size: 512B - Virtual size: 21KB

.bcfa
Size: 6KB - Virtual size: 15KB

.rkxql
Size: 512B - Virtual size: 56B

.yzozk
Size: 512B - Virtual size: 24B

.nmb
Size: 49KB - Virtual size: 77KB

.gpwbu
Size: 123KB - Virtual size: 1.7MB

.rsrc
Size: 18KB - Virtual size: 20KB