b4838b7009ec5947b786243d3be62a86_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b4838b7009ec5947b786243d3be62a86_JaffaCakes118
Size

448KB
MD5

b4838b7009ec5947b786243d3be62a86
SHA1

505c1ac23e3547d9b25c7ad31c6bf1055e6d2517
SHA256

bfda09b992b70a6f072827061c7e2481bc3c56a6981b12a3e9560d0e77c048c1
SHA512

d6f62f7b2c06732927959237c0b47da1c75587a08e86caa88ad0d71b3778206211b94b578f304247ec8fa026ce44823ddaac30bbedebbc0301997e86169e11fd
SSDEEP

1536:xjN6RGfsrsogJz12+1M1HQNdcsYpI7/AooDcrkzQv2Im/1RV5Zrcvxobn75kPdPC:PiGfsIl1aHHsYpi/Aooty2PeunFkPYl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4838b7009ec5947b786243d3be62a86_JaffaCakes118

Files

b4838b7009ec5947b786243d3be62a86_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a230f1848add38b016cbb2138ce0626e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WinExec
GetNLSVersion
GetSystemRegistryQuota
GetModuleHandleA

winscard

SCardGetStatusChangeW

mscms

OpenColorProfileW

advapi32

RegSaveKeyA

ole32

OleCreateLink

pdh

PdhCloseQuery

crypt32

CryptEncryptMessage

ws2_32

WSASetLastError

user32

CharToOemW

clusapi

CloseClusterResource

gdi32

GetCharWidth32W
OffsetWindowOrgEx
CreatePalette

shlwapi

StrCatW

rpcrt4

RpcAsyncAbortCall

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt0
Size: 4KB - Virtual size: 986B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

wP5BA
Size: 144KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

g*c=
Size: 208KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a230f1848add38b016cbb2138ce0626e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

winscard

mscms

advapi32

ole32

pdh

crypt32

ws2_32

user32

clusapi

gdi32

shlwapi

rpcrt4

Sections

.text Size: 48KB - Virtual size: 46KB

.data Size: 36KB - Virtual size: 43KB

.crt0 Size: 4KB - Virtual size: 986B

wP5BA Size: 144KB - Virtual size: 141KB

g*c= Size: 208KB - Virtual size: 205KB

.rsrc Size: 4KB - Virtual size: 728B

.text
Size: 48KB - Virtual size: 46KB

.data
Size: 36KB - Virtual size: 43KB

.crt0
Size: 4KB - Virtual size: 986B

wP5BA
Size: 144KB - Virtual size: 141KB

g*c=
Size: 208KB - Virtual size: 205KB

.rsrc
Size: 4KB - Virtual size: 728B