6920e9cada37481469643baa7005eb68_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6920e9cada37481469643baa7005eb68_JaffaCakes118
Size

172KB
MD5

6920e9cada37481469643baa7005eb68
SHA1

c523768f7c3ec497a7e1a083aa23e1a6f6bc7c28
SHA256

5a7c73db481459cc5506fdb2a27dfb9621e26168eb0e2e273bc1acfe7bc420f2
SHA512

76a57fc976d489ef1a84cc906b86be5d22d7c7a964e297cea3965d95b8d6c0eaa4fccbb89b28b3941b266a3d41ea44c9f2ab06b3a525ad87a99d8a89daa63a66
SSDEEP

3072:mBeoEepgjwqlRoSGuKrWVRCcd/xg5fnVVvJ221HCWY86bIWLu4Nrme/1Z:KE5NVJd/yf2M4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
6920e9cada37481469643baa7005eb68_JaffaCakes118

Files

6920e9cada37481469643baa7005eb68_JaffaCakes118
.exe windows:6 windows x86 arch:x86

0b670cb2fac35d43260c3117f1d3f735

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetThreadDesktop
TranslateMessage
IsChild
CopyImage
GetWindow
GetMenuDefaultItem
LookupIconIdFromDirectoryEx
CloseWindow

kernel32

DuplicateHandle
CreateMutexW
GetCommandLineW
GlobalMemoryStatusEx
GetThreadTimes
DeleteCriticalSection
GetSystemDefaultUILanguage
GetTickCount64
Thread32First
CreateTimerQueue
SetSystemFileCacheSize
GetCurrentThread

advapi32

IsTokenRestricted
IsValidAcl

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 4KB - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.c
Size: 4KB - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b670cb2fac35d43260c3117f1d3f735

Headers

File Characteristics

Imports

user32

kernel32

advapi32

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 9KB

DATA Size: 4KB - Virtual size: 182B

.code Size: 24KB - Virtual size: 20KB

.crt Size: 76KB - Virtual size: 75KB

CODE Size: 8KB - Virtual size: 4KB

.rsrc Size: 32KB - Virtual size: 30KB

.c Size: 4KB - Virtual size: 832B

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 9KB

DATA
Size: 4KB - Virtual size: 182B

.code
Size: 24KB - Virtual size: 20KB

.crt
Size: 76KB - Virtual size: 75KB

CODE
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 32KB - Virtual size: 30KB

.c
Size: 4KB - Virtual size: 832B