8faf38f8fa6c738495716e8dd50f5a02_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8faf38f8fa6c738495716e8dd50f5a02_JaffaCakes118
Size

3.7MB
MD5

8faf38f8fa6c738495716e8dd50f5a02
SHA1

ee444c7aaf87ceb7c00d5dc0e68b6cb733e15cea
SHA256

15ce23321f42f6e01dda3f0d7b3b1e6389697d271a6dcc8b28f99cc1c2b40ccd
SHA512

b51036f26aae1599e2c599f1549a917ff69aae3c29475d989cefd5b3402bbe0500f135caa68aa71f50dcfb477ed808db5cc8bda226e1987590ec8bc53ee3e9e3
SSDEEP

98304:b063AaLQv2PNi+qD982fOOia5lo13Z4LYp/g4vn:o6wOQv21i+qDS2f/ia5W1QN6n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8faf38f8fa6c738495716e8dd50f5a02_JaffaCakes118

Files

8faf38f8fa6c738495716e8dd50f5a02_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9144c0bbf976a69aaad1b4216f124105

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

RpcStringFreeW

imagehlp

ImageEnumerateCertificates

shlwapi

SHEnumValueW

kernel32

GetFileType
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

DispatchMessageW

gdi32

GetStockObject

advapi32

CryptReleaseContext

shell32

SHGetSpecialFolderPathW

ole32

CoCreateGuid

oleaut32

VariantClear

ws2_32

gethostname

wldap32

ord35

mswsock

GetAcceptExSockaddrs

Sections

.text
Size: - Virtual size: 782KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9144c0bbf976a69aaad1b4216f124105

Headers

DLL Characteristics

File Characteristics

Imports

rpcrt4

imagehlp

shlwapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

ws2_32

wldap32

mswsock

Sections

.text Size: - Virtual size: 782KB

.rdata Size: - Virtual size: 158KB

.data Size: - Virtual size: 39KB

.data0 Size: - Virtual size: 2.9MB

.data1 Size: 3.3MB - Virtual size: 3.3MB

.rsrc Size: 314KB - Virtual size: 314KB

.text
Size: - Virtual size: 782KB

.rdata
Size: - Virtual size: 158KB

.data
Size: - Virtual size: 39KB

.data0
Size: - Virtual size: 2.9MB

.data1
Size: 3.3MB - Virtual size: 3.3MB

.rsrc
Size: 314KB - Virtual size: 314KB