802d184e2a52c883d6eda76c867e113b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

802d184e2a52c883d6eda76c867e113b_JaffaCakes118
Size

494KB
MD5

802d184e2a52c883d6eda76c867e113b
SHA1

91be4183026b1edf31ec012f518758a3aae8f11c
SHA256

a8f85fa4b0425924ea1f892d05ddd65c4340d32923dc2383f5fc56274ec10995
SHA512

0c091078c9c32568b87ab91a101e542b4198d9da23686acbcf1144146184b6fbfa106e23dcf6a6318edea61c3f75f4dbd09a961084431f63b1ccdb95e994ba13
SSDEEP

6144:0MX6KrMSfIp+VllGaWaTqUyEaviGnwNf15BYRkJmXuo:0MXFS+VyapTV/GwlpYRkJmXr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
802d184e2a52c883d6eda76c867e113b_JaffaCakes118

Files

802d184e2a52c883d6eda76c867e113b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5ed1cc034e1876a8d1214f5832bfb3e3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

wehjWEJHwle#L;.pdb

Imports

secur32

MakeSignature

ole32

CoGetObject

user32

ModifyMenuA
SetUserObjectInformationW
TrackPopupMenuEx

oleaut32

SafeArrayLock

msvfw32

ICCompressorFree

advapi32

RegSetKeySecurity

setupapi

SetupGetLineTextA
SetupDiBuildClassInfoListExW

ws2_32

listen

ntdsapi

DsBindWithCredA

urlmon

CoInternetIsFeatureEnabledForUrl

kernel32

RemoveVectoredExceptionHandler
TzSpecificLocalTimeToSystemTime
GetModuleHandleA
GetDefaultCommConfigA

gdi32

FrameRgn
EnumFontsA

rasapi32

RasDeleteEntryW

shlwapi

AssocQueryStringW
StrChrA
StrChrNW

crypt32

CryptInstallDefaultContext

Sections

.text
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 320KB - Virtual size: 325KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ed1cc034e1876a8d1214f5832bfb3e3

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

secur32

ole32

user32

oleaut32

msvfw32

advapi32

setupapi

ws2_32

ntdsapi

urlmon

kernel32

gdi32

rasapi32

shlwapi

crypt32

Sections

.text Size: 142KB - Virtual size: 142KB

.data Size: 320KB - Virtual size: 325KB

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 680B

.reloc Size: 27KB - Virtual size: 27KB

.text
Size: 142KB - Virtual size: 142KB

.data
Size: 320KB - Virtual size: 325KB

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 680B

.reloc
Size: 27KB - Virtual size: 27KB