abb90191e6265cac0f4afc608c7e69bf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

abb90191e6265cac0f4afc608c7e69bf_JaffaCakes118
Size

3.2MB
MD5

abb90191e6265cac0f4afc608c7e69bf
SHA1

845e0e3f31cc7aedfb01181cce67542b7d078541
SHA256

4499bc79064d534da2ad17d52e0650b2624409a4027cd5e79bc9fb200650b53b
SHA512

dc176071502a0c2e35c05e647393c31d4bf1396701dd86638761e19c8859e9057378db94b12b6f6ded3092b15560e081328ad046e65a4de76b4077f33e6005a7
SSDEEP

49152:WUuqEuCfl/SwsZapsTrTmxs25P6WmlZ30Qfr6zzR9GAPqnIosqMak6JcWQbxA8vy:WoP3ZapsT2VeCeri8TUyAxF/C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/TransferXL-08Gb81nPpHjzN.exe

Files

abb90191e6265cac0f4afc608c7e69bf_JaffaCakes118
.zip
TransferXL-08Gb81nPpHjzN.exe
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

Size: 748KB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 6KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 29KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 115KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 77KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2.0MB - Virtual size: 10.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 310KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

Size: 748KB - Virtual size: 2.6MB

Size: 6KB - Virtual size: 16KB

Size: 29KB - Virtual size: 76KB

Size: - Virtual size: 28KB

Size: 14KB - Virtual size: 16KB

Size: 1024B - Virtual size: 4KB

Size: 512B - Virtual size: 4KB

Size: - Virtual size: 72B

Size: 512B - Virtual size: 4KB

Size: 115KB - Virtual size: 244KB

.rsrc Size: 77KB - Virtual size: 164KB

Size: 2.0MB - Virtual size: 10.3MB

.data Size: 310KB - Virtual size: 312KB

.adata Size: - Virtual size: 4KB

.rsrc
Size: 77KB - Virtual size: 164KB

.data
Size: 310KB - Virtual size: 312KB

.adata
Size: - Virtual size: 4KB