886b3f6d18a7ee1d6df9ebe21eece6d2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

886b3f6d18a7ee1d6df9ebe21eece6d2_JaffaCakes118
Size

120KB
MD5

886b3f6d18a7ee1d6df9ebe21eece6d2
SHA1

01ffc0aa48b0d00077e84461aa1c031d40aa9e96
SHA256

9e282173aec8d15ab167d8c20056faaf7495e572390f3feb71efedb6cad49b8c
SHA512

c783a5d94ce973aa485ad1236c61f060b132e5d6439fd218ad2e37dbfcfa74ec99cf7e9f8f17a4a84c99900b8e3c741cec948690a9f1cc28d6dbf1b6b798d2e8
SSDEEP

1536:bpiOBSSX0gATSuUMi/Pj8sJufWi1I0/DkJrCfX4fnyWiyIcMErgWd:bwOBSeATzUv/b8FRj/wJkFc7go

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
886b3f6d18a7ee1d6df9ebe21eece6d2_JaffaCakes118

Files

886b3f6d18a7ee1d6df9ebe21eece6d2_JaffaCakes118
.exe windows:6 windows x86 arch:x86

f083868448280eb1c895f59578fc4611

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetPolyFillMode
GetDCPenColor

kernel32

GetTapeStatus
GetConsoleProcessList
GetVersion
LockFileEx
NormalizeString
SetFilePointer
GetUserDefaultLCID
SetEvent
GetFileTime

advapi32

IsTokenRestricted

winscard

SCardGetCardTypeProviderNameA

user32

GetLastActivePopup
GetSysColor
EmptyClipboard
RegisterRawInputDevices
GetKeyboardType

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.YP
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.erloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT4
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 188B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f083868448280eb1c895f59578fc4611

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

advapi32

winscard

user32

Sections

.text Size: 8KB - Virtual size: 6KB

.YP Size: 4KB - Virtual size: 1KB

.data Size: 28KB - Virtual size: 31KB

.CRT Size: 28KB - Virtual size: 26KB

.erloc Size: 24KB - Virtual size: 23KB

.CRT4 Size: 16KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 984B

.reloc Size: 4KB - Virtual size: 188B

.text
Size: 8KB - Virtual size: 6KB

.YP
Size: 4KB - Virtual size: 1KB

.data
Size: 28KB - Virtual size: 31KB

.CRT
Size: 28KB - Virtual size: 26KB

.erloc
Size: 24KB - Virtual size: 23KB

.CRT4
Size: 16KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 984B

.reloc
Size: 4KB - Virtual size: 188B