4df3ffbb785795de68dec97206b6a696_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4df3ffbb785795de68dec97206b6a696_JaffaCakes118
Size

484KB
MD5

4df3ffbb785795de68dec97206b6a696
SHA1

e22f32f3e1371f6deeb39bbffb5fde6a08344c5f
SHA256

1d58c2f7b8364b1d207e39f91138b5079e6368a78312557117fcdc9f38deb87a
SHA512

310bda0a23f780b27937fe6065239326ca1576a3eba7fa7a1867a7d3b56da2dc29c5fcab1daa1e43a991e770a21d6cd208e21b5f551ebf219266315859c03122
SSDEEP

6144:YutAHuAX1/7zv+Ul4s/KFxhNDPPHf2TNhOAL68v6RD/Nqr49Jr:YxHu4/H6xhtPPHf2JhTxvU/4rI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
4df3ffbb785795de68dec97206b6a696_JaffaCakes118

Files

4df3ffbb785795de68dec97206b6a696_JaffaCakes118
.exe windows:4 windows x86 arch:x86

119062c2666ad144e92bffbd21ef16ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

clusapi

ClusterNodeControl

msvcrt

sprintf
memcpy
vprintf
localeconv
iswupper

urlmon

RegisterFormatEnumerator

user32

ShowWindow
GetClassNameA
GetShellWindow
InSendMessageEx
FindWindowExA

kernel32

GetConsoleWindow
VirtualQuery
VirtualProtect
GetModuleHandleA
SetSystemTimeAdjustment
GetCommProperties
GetTimeZoneInformation
GetFileTime
GetProcessAffinityMask
GetWriteWatch
SetErrorMode
CallNamedPipeW
WTSGetActiveConsoleSessionId
SetFileApisToANSI
ConvertDefaultLocale
FileTimeToDosDateTime
UpdateResourceA

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

+tPFG
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

D55jx
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt1
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

+WmrwuJV
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

aHdt
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

119062c2666ad144e92bffbd21ef16ee

Headers

File Characteristics

Imports

clusapi

msvcrt

urlmon

user32

kernel32

Sections

.text Size: 96KB - Virtual size: 94KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 8KB - Virtual size: 332KB

.idata Size: 24KB - Virtual size: 22KB

+tPFG Size: 44KB - Virtual size: 41KB

D55jx Size: 32KB - Virtual size: 28KB

.crt1 Size: 36KB - Virtual size: 35KB

+WmrwuJV Size: 120KB - Virtual size: 117KB

DATA Size: 36KB - Virtual size: 35KB

aHdt Size: 40KB - Virtual size: 39KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 96KB - Virtual size: 94KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 8KB - Virtual size: 332KB

.idata
Size: 24KB - Virtual size: 22KB

+tPFG
Size: 44KB - Virtual size: 41KB

D55jx
Size: 32KB - Virtual size: 28KB

.crt1
Size: 36KB - Virtual size: 35KB

+WmrwuJV
Size: 120KB - Virtual size: 117KB

DATA
Size: 36KB - Virtual size: 35KB

aHdt
Size: 40KB - Virtual size: 39KB

.rsrc
Size: 8KB - Virtual size: 4KB