8c7fc6b38e8f927f2a8e8888bbc3545c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8c7fc6b38e8f927f2a8e8888bbc3545c_JaffaCakes118
Size

484KB
MD5

8c7fc6b38e8f927f2a8e8888bbc3545c
SHA1

b017d494790f3862a6851919f981e25dab8eebaa
SHA256

ddc22b54761307cf1af200cbbfdedc44bb76aa3d876155c6570b1729a7eaaa57
SHA512

7792e9b8029040eff7c7bb71cba4d938f7a6464276311adb5fd443ebbdafcb3533d7c120cfbab9ecd6b7e30762c37c5b3af1844f2b03db0cf6732a5dd02d0fad
SSDEEP

6144:0utAHuAX1/7zv+Ul4s/KFxhNDPPHf2TNhOAL68v6RD/Nqr49Jr:0xHu4/H6xhtPPHf2JhTxvU/4rI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
8c7fc6b38e8f927f2a8e8888bbc3545c_JaffaCakes118

Files

8c7fc6b38e8f927f2a8e8888bbc3545c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

119062c2666ad144e92bffbd21ef16ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

clusapi

ClusterNodeControl

msvcrt

sprintf
memcpy
vprintf
localeconv
iswupper

urlmon

RegisterFormatEnumerator

user32

ShowWindow
GetClassNameA
GetShellWindow
InSendMessageEx
FindWindowExA

kernel32

GetConsoleWindow
VirtualQuery
VirtualProtect
GetModuleHandleA
SetSystemTimeAdjustment
GetCommProperties
GetTimeZoneInformation
GetFileTime
GetProcessAffinityMask
GetWriteWatch
SetErrorMode
CallNamedPipeW
WTSGetActiveConsoleSessionId
SetFileApisToANSI
ConvertDefaultLocale
FileTimeToDosDateTime
UpdateResourceA

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

+tPFG
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

D55jx
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt1
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

+WmrwuJV
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

aHdt
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

119062c2666ad144e92bffbd21ef16ee

Headers

File Characteristics

Imports

clusapi

msvcrt

urlmon

user32

kernel32

Sections

.text Size: 96KB - Virtual size: 94KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 8KB - Virtual size: 332KB

.idata Size: 24KB - Virtual size: 22KB

+tPFG Size: 44KB - Virtual size: 41KB

D55jx Size: 32KB - Virtual size: 28KB

.crt1 Size: 36KB - Virtual size: 35KB

+WmrwuJV Size: 120KB - Virtual size: 117KB

DATA Size: 36KB - Virtual size: 35KB

aHdt Size: 40KB - Virtual size: 39KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 96KB - Virtual size: 94KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 8KB - Virtual size: 332KB

.idata
Size: 24KB - Virtual size: 22KB

+tPFG
Size: 44KB - Virtual size: 41KB

D55jx
Size: 32KB - Virtual size: 28KB

.crt1
Size: 36KB - Virtual size: 35KB

+WmrwuJV
Size: 120KB - Virtual size: 117KB

DATA
Size: 36KB - Virtual size: 35KB

aHdt
Size: 40KB - Virtual size: 39KB

.rsrc
Size: 8KB - Virtual size: 4KB