96c53da97c6cf0c79d278f0f69609ed6_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

96c53da97c6cf0c79d278f0f69609ed6_JaffaCakes118
Size

356KB
MD5

96c53da97c6cf0c79d278f0f69609ed6
SHA1

c57ae0b44b2feea3e4722c672e4d2c20aaa4d2de
SHA256

c1f58f6b35fba846df52983a880afa4aea441e19b446c753eff7da1a942c09ca
SHA512

08e04cecef4b1e4d6fc710115c1065de2d0e4ff358046ac5d00920a66814905af51f5859e4dbe92a7d2744fba092cb4addb96f349caaf608177de1766330bf44
SSDEEP

6144:rnuEzhHd/Opk3p1JWsjCLmwRHbN4mjc5SWH6NJBZwb9:rth9NJWsjDwR7NvjcSdNJBZw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96c53da97c6cf0c79d278f0f69609ed6_JaffaCakes118

Files

96c53da97c6cf0c79d278f0f69609ed6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b256f252170418b0a18d155b1ebf593e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

PDB Paths

V:\geritjei\adkmgrjgii\dfe\wfef.pdb

Imports

kernel32

GlobalMemoryStatus
CreateEventW
FindNextVolumeMountPointA
CreateTapePartition

urlmon

CoInternetCreateZoneManager

setupapi

SetupDiGetActualSectionToInstallA

ole32

CoFreeLibrary

msvcrt

memcpy

ntdsapi

DsFreeSpnArrayW

imm32

ImmSetStatusWindowPos

shell32

SHFileOperationA

comdlg32

ChooseColorW

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ordo
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.t
Size: 4KB - Virtual size: 49B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 371KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt0
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b256f252170418b0a18d155b1ebf593e

Headers

File Characteristics

PDB Paths

Imports

kernel32

urlmon

setupapi

ole32

msvcrt

ntdsapi

imm32

shell32

comdlg32

Sections

.text Size: 12KB - Virtual size: 10KB

ordo Size: 4KB - Virtual size: 1KB

.t Size: 4KB - Virtual size: 49B

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 100KB - Virtual size: 371KB

.crt0 Size: 100KB - Virtual size: 97KB

CODE Size: 100KB - Virtual size: 97KB

.rsrc Size: 28KB - Virtual size: 24KB

.text
Size: 12KB - Virtual size: 10KB

ordo
Size: 4KB - Virtual size: 1KB

.t
Size: 4KB - Virtual size: 49B

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 100KB - Virtual size: 371KB

.crt0
Size: 100KB - Virtual size: 97KB

CODE
Size: 100KB - Virtual size: 97KB

.rsrc
Size: 28KB - Virtual size: 24KB