f4949da7853697e4254b2b1577ed5e5f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f4949da7853697e4254b2b1577ed5e5f_JaffaCakes118
Size

590KB
MD5

f4949da7853697e4254b2b1577ed5e5f
SHA1

82654dc4498cab571a2e6c547bc4b769581770f2
SHA256

71ff4ef59f8bface5b8693b99d988d672ba08a57d331508d8b5dff73f8e8fe2c
SHA512

b9d1ff2af74613ba3d577992644b03811016064a4c610d59bb48213b258091a3b870bac97e19228dafd3834165162de6fbbbeeb4884b7446a8723f72eee59eab
SSDEEP

12288:MceA/yvZlveI1ROFcaKIac9ulb57rL7KZ9QyVduA83mR/cE:JeZlTGCoYllb7KQyCy0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f4949da7853697e4254b2b1577ed5e5f_JaffaCakes118

Files

f4949da7853697e4254b2b1577ed5e5f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

371911b227edbe7096336cc847f8ecad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleHandleA
CreateFileMappingA
lstrlenA

shell32

ShellExecuteA

Sections

Size: 2KB - Virtual size: 648KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 265KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 312KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.PEPack
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_WRITE

.xpr01
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ldut
Size: 495B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

371911b227edbe7096336cc847f8ecad

Headers

File Characteristics

Imports

kernel32

shell32

Sections

Size: 2KB - Virtual size: 648KB

Size: - Virtual size: 12KB

Size: - Virtual size: 8KB

Size: - Virtual size: 16KB

Size: - Virtual size: 4KB

Size: - Virtual size: 4KB

Size: - Virtual size: 44KB

.rsrc Size: - Virtual size: 36KB

Size: 265KB - Virtual size: 268KB

.data Size: 312KB - Virtual size: 316KB

.adata Size: - Virtual size: 4KB

.vmp0 Size: 1KB - Virtual size: 4KB

.reloc Size: - Virtual size: 4KB

.PEPack Size: 7KB - Virtual size: 8KB

.xpr01 Size: - Virtual size: 4KB

.ldut Size: 495B - Virtual size: 4KB

.rsrc
Size: - Virtual size: 36KB

.data
Size: 312KB - Virtual size: 316KB

.adata
Size: - Virtual size: 4KB

.vmp0
Size: 1KB - Virtual size: 4KB

.reloc
Size: - Virtual size: 4KB

.PEPack
Size: 7KB - Virtual size: 8KB

.xpr01
Size: - Virtual size: 4KB

.ldut
Size: 495B - Virtual size: 4KB