fe29aec0512f71ccfbe56197d28974a38e91ba673ec464d1f56035d9b3ba5582_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fe29aec0512f71ccfbe56197d28974a38e91ba673ec464d1f56035d9b3ba5582_JaffaCakes118
Size

8.9MB
MD5

8c9e65d7d6ada2469b66628236f08bc0
SHA1

4d1c44d39373c1667f76b2f8e1ad8489c6eb0cb1
SHA256

fe29aec0512f71ccfbe56197d28974a38e91ba673ec464d1f56035d9b3ba5582
SHA512

07d2cc4f3d0fafc17ed69e406c1646fb043918a264e5edb95df8cce939098fa74b9f164e4a7d5e231cc28ae79d0642bc3f89c455c8fe456f2e15846f93dbdca0
SSDEEP

196608:VNE98kpocIIOsEfdqmOtoUYjT7MuVyFGBDJ+JgRsFjU9uftWwYSf:B6fObAuzVQGBDogSUUlWjS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe29aec0512f71ccfbe56197d28974a38e91ba673ec464d1f56035d9b3ba5582_JaffaCakes118

Files

fe29aec0512f71ccfbe56197d28974a38e91ba673ec464d1f56035d9b3ba5582_JaffaCakes118
.exe windows:6 windows x64 arch:x64

55ba3fa5cad96869e26a39a36bf2fcef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

DeleteCriticalSection
GetVersion
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

SystemParametersInfoA
CharUpperBuffW

advapi32

CopySid

ole32

CoCreateInstance

oleaut32

SysFreeString

userenv

UnloadUserProfile

ws2_32

recvfrom

Sections

.text
Size: - Virtual size: 255KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1005KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.g#.
Size: - Virtual size: 6.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.:!4
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.<!o
Size: 8.9MB - Virtual size: 8.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55ba3fa5cad96869e26a39a36bf2fcef

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

userenv

ws2_32

Sections

.text Size: - Virtual size: 255KB

.rdata Size: - Virtual size: 206KB

.data Size: - Virtual size: 1005KB

.pdata Size: - Virtual size: 12KB

_RDATA Size: - Virtual size: 348B

.g#. Size: - Virtual size: 6.2MB

.:!4 Size: 3KB - Virtual size: 2KB

.<!o Size: 8.9MB - Virtual size: 8.9MB

.reloc Size: 512B - Virtual size: 260B

.rsrc Size: 512B - Virtual size: 480B

.text
Size: - Virtual size: 255KB

.rdata
Size: - Virtual size: 206KB

.data
Size: - Virtual size: 1005KB

.pdata
Size: - Virtual size: 12KB

_RDATA
Size: - Virtual size: 348B

.g#.
Size: - Virtual size: 6.2MB

.:!4
Size: 3KB - Virtual size: 2KB

.<!o
Size: 8.9MB - Virtual size: 8.9MB

.reloc
Size: 512B - Virtual size: 260B

.rsrc
Size: 512B - Virtual size: 480B