b4a78297fd1905672e5cb44ff7dd98e2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b4a78297fd1905672e5cb44ff7dd98e2_JaffaCakes118
Size

204KB
MD5

b4a78297fd1905672e5cb44ff7dd98e2
SHA1

2a2de7e209a89701fd4cb044d5d1546b0897460d
SHA256

6fb9111e0c2cade5834bbcad9b0740dca1a0b7c9f2b1d87fefb2b95a3a461538
SHA512

d9e3bd9a870bfe85012c6be1bb75860daa39da73a86e2cb0f1337258ed5708170c559452fa51b204aa62c8d83242d8bb9a9bc873f8ab41c7e3d00cac0ec7f040
SSDEEP

3072:CTDZyTGuAX1Wv5VaGxyf9wVrm+i7pdAG9/bAnedln4EO:CTFqGH1WBMG4wVa+ildBbAnk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4a78297fd1905672e5cb44ff7dd98e2_JaffaCakes118

Files

b4a78297fd1905672e5cb44ff7dd98e2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

54362b235177735dcaf575ae03bf27da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
GetACP
GetOEMCP
GetModuleFileNameW
lstrlenA
LoadLibraryW
CompareStringA
SetProcessWorkingSetSize
CancelIo
AreFileApisANSI
FlsFree
LocalAlloc
LocalFree
GetProcAddress
FreeLibrary
InterlockedExchange
GetLastError
LoadLibraryA
RaiseException

gdi32

GdiGetBatchLimit

advapi32

DeleteAce

crypt32

CryptEncryptMessage

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

KGQVUZ
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Cxp
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dk-2k|oH
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

54362b235177735dcaf575ae03bf27da

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

advapi32

crypt32

Sections

.text Size: 20KB - Virtual size: 17KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 32KB - Virtual size: 34KB

KGQVUZ Size: 48KB - Virtual size: 45KB

.Cxp Size: 60KB - Virtual size: 58KB

dk-2k|oH Size: 28KB - Virtual size: 26KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 20KB - Virtual size: 17KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 32KB - Virtual size: 34KB

KGQVUZ
Size: 48KB - Virtual size: 45KB

.Cxp
Size: 60KB - Virtual size: 58KB

dk-2k|oH
Size: 28KB - Virtual size: 26KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB