086450afadbe188cbf34a2c8d83d4dea_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

086450afadbe188cbf34a2c8d83d4dea_JaffaCakes118
Size

137KB
MD5

086450afadbe188cbf34a2c8d83d4dea
SHA1

20d7f3a3886d73eafa0c87f16e290d4516ac0852
SHA256

71f358a41fb8b02ff589803b6b1f3fb02ccece4bd67b57672fa71a3864c02619
SHA512

295d57eaa8dac590be94f04c766c7846916290fe7adfc02fbdf7a92dbc88ebe05f91a98f5e8a7ac2c9395300103a83f18c09f34aa0ed9666eead147160e7e2e0
SSDEEP

1536:xYd2Jed5i8UnlztnIHCJkBsyLPudpYVcZLlLr0UHeN5GC3fY+lBodeHw9:xYUhRlztdJkB3ZGDr0UHevrY+lmb9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
086450afadbe188cbf34a2c8d83d4dea_JaffaCakes118

Files

086450afadbe188cbf34a2c8d83d4dea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b42b51d915a1e5ececaa148d68235da5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceTypesA
SetLastError
Sleep
GetDiskFreeSpaceExW
VirtualProtect
GetDriveTypeA
FindClose
DeleteCriticalSection
ReleaseMutex
GetExitCodeProcess
GetLastError
LoadLibraryExW
CloseHandle
FreeConsole
CreateMutexA
GetCommandLineA
TlsGetValue
GetTickCount
GetComputerNameA
GetModuleHandleA

shell32

DragFinish
DllUnregisterServer
SHGetMalloc
ExtractIconA
DragAcceptFiles
SHGetSettings
ShellAboutA
ShellMessageBoxA
StrChrA
DuplicateIcon
SHGetDiskFreeSpaceA
SHFree
DragQueryFileA

printui

vQueueCreate
bPrinterSetup
PnPInterface
vPrinterPropPages
bFolderGetPrinter

user32

MessageBoxA

Sections

.text
Size: 1024B - Virtual size: 628B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 131KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rmcwhhy
Size: - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

utfkoeo
Size: - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pykofad
Size: - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nrrensb
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b42b51d915a1e5ececaa148d68235da5

Headers

File Characteristics

Imports

kernel32

shell32

printui

user32

Sections

.text Size: 1024B - Virtual size: 628B

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 522B

.rsrc Size: 131KB - Virtual size: 165KB

rmcwhhy Size: - Virtual size: 30KB

utfkoeo Size: - Virtual size: 34KB

pykofad Size: - Virtual size: 34KB

nrrensb Size: - Virtual size: 6KB

.text
Size: 1024B - Virtual size: 628B

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 522B

.rsrc
Size: 131KB - Virtual size: 165KB

rmcwhhy
Size: - Virtual size: 30KB

utfkoeo
Size: - Virtual size: 34KB

pykofad
Size: - Virtual size: 34KB

nrrensb
Size: - Virtual size: 6KB