640f2a05a264b6897ed17f0edb228ed4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

640f2a05a264b6897ed17f0edb228ed4_JaffaCakes118
Size

102KB
MD5

640f2a05a264b6897ed17f0edb228ed4
SHA1

074b1a2ad44bd169cbab2454bd5ddc9ab1194ee2
SHA256

f478208ceeb20cc093d38b1c1a670ae535ba3a6b8b2b0cf68f9f39ab1208531a
SHA512

2cb7bcc943726422d4e0121c4a05256ba371a412094fb8bc6172752e46181ff12e426d54ea4ef8a8f1903842533f9d455db28a3afb968fda4031d069e5df1dad
SSDEEP

3072:pWzSlLzc1hIOBWL/FWes1qqdPPqDRR2GdF5cb:pflGrMLtEDnqDz7d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
640f2a05a264b6897ed17f0edb228ed4_JaffaCakes118

Files

640f2a05a264b6897ed17f0edb228ed4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

dcafbf01b58be8a9884e56d25f93edcc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

HWS8dXz9.pdb

Imports

rpcrt4

RpcBindingInqAuthInfoExW

user32

SetMenu
GetMenuDefaultItem
SetTimer
GetThreadDesktop
GetTitleBarInfo
DdeSetUserHandle
ShowScrollBar
GetActiveWindow
GetFocus

kernel32

FindNextChangeNotification
FreeUserPhysicalPages
IsNLSDefinedString
GetNamedPipeInfo
GetCommandLineA
GetConsoleMode
GetFileType
GetConsoleScreenBufferInfo
GetStdHandle
GetCurrentThreadId

shlwapi

PathRemoveFileSpecA

winscard

SCardConnectW

msvcrt

malloc

gdi32

GetTextExtentExPointI
SetRectRgn

Sections

.code
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qdata
Size: 1024B - Virtual size: 938B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt0
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

=LskM
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rCPikXCM
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dcafbf01b58be8a9884e56d25f93edcc

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

rpcrt4

user32

kernel32

shlwapi

winscard

msvcrt

gdi32

Sections

.code Size: 17KB - Virtual size: 16KB

.qdata Size: 1024B - Virtual size: 938B

.rdata Size: 2KB - Virtual size: 1KB

.crt0 Size: 20KB - Virtual size: 24KB

=LskM Size: 28KB - Virtual size: 27KB

rCPikXCM Size: 25KB - Virtual size: 24KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 1024B - Virtual size: 552B

.code
Size: 17KB - Virtual size: 16KB

.qdata
Size: 1024B - Virtual size: 938B

.rdata
Size: 2KB - Virtual size: 1KB

.crt0
Size: 20KB - Virtual size: 24KB

=LskM
Size: 28KB - Virtual size: 27KB

rCPikXCM
Size: 25KB - Virtual size: 24KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 1024B - Virtual size: 552B