11f20e9364ef5099187b3445629888d3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

11f20e9364ef5099187b3445629888d3_JaffaCakes118
Size

448KB
MD5

11f20e9364ef5099187b3445629888d3
SHA1

6ba5298ae64dccbd30a17c915428038ab67f1988
SHA256

412d5f1887c34fe7ee92a3fa9328c6003edfd345ad9020f1aed42a4a81341e37
SHA512

6cbddbfad98904d5681ce509ccc1559a5977d43b90c96d2d617d46b6864a94cbd91303df83acd5073944dd3042377fe55325da9e3955d982697c8b02a81436d1
SSDEEP

3072:zt17ybOENdXAMKz+3LxbGp9uRFCv1VvQia23Q80nOgNo:2bOEnXATzoNTrCvnQ+QZOgm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11f20e9364ef5099187b3445629888d3_JaffaCakes118

Files

11f20e9364ef5099187b3445629888d3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

175c60f7cf220ca3836844b5a674ff5c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

RpcAsyncAbortCall

crypt32

CryptEncryptMessage

gdi32

OffsetWindowOrgEx
GetCharWidth32W
CreatePalette

pdh

PdhCloseQuery

kernel32

GetModuleHandleA
GetNLSVersion
WinExec
GetSystemRegistryQuota

msvcrt

memset

ws2_32

WSASetLastError

ole32

OleCreateLink

advapi32

RegSaveKeyA

winscard

SCardGetStatusChangeW

shlwapi

StrCatW

clusapi

CloseClusterResource

user32

CharToOemW

mscms

OpenColorProfileW

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt0
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

wP5BA
Size: 144KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

g*c=
Size: 208KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

175c60f7cf220ca3836844b5a674ff5c

Headers

DLL Characteristics

File Characteristics

Imports

rpcrt4

crypt32

gdi32

pdh

kernel32

msvcrt

ws2_32

ole32

advapi32

winscard

shlwapi

clusapi

user32

mscms

Sections

.text Size: 48KB - Virtual size: 46KB

.data Size: 36KB - Virtual size: 43KB

.crt0 Size: 4KB - Virtual size: 1KB

wP5BA Size: 144KB - Virtual size: 141KB

g*c= Size: 208KB - Virtual size: 205KB

.rsrc Size: 4KB - Virtual size: 728B

.text
Size: 48KB - Virtual size: 46KB

.data
Size: 36KB - Virtual size: 43KB

.crt0
Size: 4KB - Virtual size: 1KB

wP5BA
Size: 144KB - Virtual size: 141KB

g*c=
Size: 208KB - Virtual size: 205KB

.rsrc
Size: 4KB - Virtual size: 728B