1fae6b9c2a8fd9dfdf38aa0b1d01b25b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1fae6b9c2a8fd9dfdf38aa0b1d01b25b_JaffaCakes118
Size

200KB
MD5

1fae6b9c2a8fd9dfdf38aa0b1d01b25b
SHA1

64cf1da8eb38299ba27790c775299f722c3084fa
SHA256

873b9eaef6ea5ed6126086594529a3395bdbc5d63c97d89de47118c79080104e
SHA512

eaef7c039aed411f24d250bbc96110d3c02f274158335b148eac343c26e08be112169960a32d9a1cd8428c7b7a153e0c00d6ccabd530f3fe321011bce247c821
SSDEEP

1536:bHHSPMTGedPw+S87jtxu3mG9OXhq2O1QM09984cy2:jHSPMTGedoqjDu26yfOyMR4h2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1fae6b9c2a8fd9dfdf38aa0b1d01b25b_JaffaCakes118

Files

1fae6b9c2a8fd9dfdf38aa0b1d01b25b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0127bf89e0d7d8a6ced248e9c479c957

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

534623***)(.pdb

Imports

esent

JetBeginExternalBackup

comdlg32

GetFileTitleA

ws2_32

inet_addr

ole32

OleLoadFromStream
PropVariantClear

user32

EmptyClipboard
GetMenuStringW

imm32

ImmDestroyContext

msi

ord114

urlmon

SetSoftwareUpdateAdvertisementState

kernel32

GetComputerNameA
FindAtomW
GetCommandLineA
SetFileApisToOEM
SetFileApisToANSI
GetThreadLocale
CreateFileMappingW
FreeConsole
RemoveDirectoryW
SetEnvironmentVariableW
GetProcessHeap
CreateEventW
GetFileInformationByHandle
InterlockedExchange
HeapAlloc

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

32^^text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.werheer
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0127bf89e0d7d8a6ced248e9c479c957

Headers

File Characteristics

PDB Paths

Imports

esent

comdlg32

ws2_32

ole32

user32

imm32

msi

urlmon

kernel32

Sections

.text Size: 16KB - Virtual size: 15KB

.code Size: 109KB - Virtual size: 108KB

.data Size: 1024B - Virtual size: 5KB

.idata Size: 3KB - Virtual size: 2KB

32^^text Size: 30KB - Virtual size: 29KB

_ Size: 34KB - Virtual size: 33KB

.werheer Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 892B

.text
Size: 16KB - Virtual size: 15KB

.code
Size: 109KB - Virtual size: 108KB

.data
Size: 1024B - Virtual size: 5KB

.idata
Size: 3KB - Virtual size: 2KB

32^^text
Size: 30KB - Virtual size: 29KB

_
Size: 34KB - Virtual size: 33KB

.werheer
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 892B