634abd29ab5f0ca9608ba660f6518f31_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

634abd29ab5f0ca9608ba660f6518f31_JaffaCakes118
Size

380KB
MD5

634abd29ab5f0ca9608ba660f6518f31
SHA1

4cb24f4e8020a603f950de37fd6f2a4418796bdc
SHA256

14228af808c89b5e1fe2229e512bd036e33fbabea3b2a90ba8f884fe8c6c7357
SHA512

a1111877ce348931cc4037bd0798f4947557379a7390948c61841391db623960475ae14812309d6bd01916fb4f9b4cea27b8f684bb54b268ff725f4c6d99445a
SSDEEP

3072:/OvSgKVssaHwsdVXBVb4hssL86Qzrsut0e/x5J/JPBOysL5smLy/+dIL:/OvSnVywsdbzK6P/xhBKLo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
634abd29ab5f0ca9608ba660f6518f31_JaffaCakes118

Files

634abd29ab5f0ca9608ba660f6518f31_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b6cfd550d8b37740b0ca187bb01d6b17

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

I_RpcFreeBuffer

crypt32

CertAddEncodedCertificateToStore

version

GetFileVersionInfoSizeW

shlwapi

StrCmpNA

rasapi32

RasDialA

mprapi

MprInfoCreate

kernel32

WTSGetActiveConsoleSessionId
GetStringScripts
FreeConsole
GetDateFormatW
GetNamedPipeClientProcessId
VirtualQueryEx
GetModuleHandleA

msi

ord30

winmm

midiOutClose
waveOutGetID

netapi32

NetLocalGroupDel

user32

DdeFreeStringHandle
GetProcessDefaultLayout
GetLastActivePopup

gdi32

GetKerningPairsA
InvertRgn
ExtSelectClipRgn

shell32

SHGetMalloc

lz32

LZInit
LZSeek

msvfw32

ICGetDisplayFormat

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

_D2
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PACK
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6cfd550d8b37740b0ca187bb01d6b17

Headers

DLL Characteristics

File Characteristics

Imports

rpcrt4

crypt32

version

shlwapi

rasapi32

mprapi

kernel32

msi

winmm

netapi32

user32

gdi32

shell32

lz32

msvfw32

Sections

.text Size: 13KB - Virtual size: 12KB

.data Size: 44KB - Virtual size: 50KB

.text Size: 1KB - Virtual size: 1KB

_D2 Size: 172KB - Virtual size: 172KB

PACK Size: 142KB - Virtual size: 142KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 13KB - Virtual size: 12KB

.data
Size: 44KB - Virtual size: 50KB

.text
Size: 1KB - Virtual size: 1KB

_D2
Size: 172KB - Virtual size: 172KB

PACK
Size: 142KB - Virtual size: 142KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 3KB - Virtual size: 2KB