0da12c9ac5a19abb2f197e1c11889244_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0da12c9ac5a19abb2f197e1c11889244_JaffaCakes118
Size

298KB
MD5

0da12c9ac5a19abb2f197e1c11889244
SHA1

c4b71a8b52d90b05fee09e743de5e5f84120a1e1
SHA256

639e6116b33f0a236fcb8f413a15a48d6d8100e807d01cb9539582a3d3412dbf
SHA512

a69bd9209d98ddd0b3fa1bacd8fc6bc121abfc00ffddb19c6b5eea10a7ae545854aff785085adcfceb91b85f76121a26fdd430815049fb0095cfb00605bd1ac4
SSDEEP

6144:Y/jGqFxMrzyzB1LPnT2gH6vERh0vegJ1gk8xAaTa9lS3D5:W0rzyzfLqK6uh0P7iFFD5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0da12c9ac5a19abb2f197e1c11889244_JaffaCakes118

Files

0da12c9ac5a19abb2f197e1c11889244_JaffaCakes118
.exe windows:4 windows x86 arch:x86

254d1ac1d17589713324cf0cbd1c7849

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetVersionExA
GetProcessHeap
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsAlloc
GetLastError
ExitProcess
Sleep
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
LoadLibraryA
InitializeCriticalSection
GetVersion
GetProcAddress

imagehlp

FindFileInPath
MakeSureDirectoryPathExists
SetImageConfigInformation
SymCleanup
UnDecorateSymbolName
ReBaseImage64
SymFromName
SymSetOptions
SymFunctionTableAccess64
ImageRvaToSection
SymGetSymPrev64
SymGetSymNext64
RemoveRelocations
FindExecutableImage
BindImage
CheckSumMappedFile
SymGetModuleBase64
SymGetLineFromName64
SymGetSymFromName64
SymGetTypeInfo
SymFromAddr
ReBaseImage

netplwiz

NetPlacesWizardDoModal

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.DrKnDy
Size: 4KB - Virtual size: 962KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.TLO
Size: 5KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.KcmhU
Size: 4KB - Virtual size: 799KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.aqehT
Size: 5KB - Virtual size: 819KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 83KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fc
Size: 1KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ayXwtT
Size: 1024B - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 134KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

254d1ac1d17589713324cf0cbd1c7849

Headers

File Characteristics

Imports

kernel32

imagehlp

netplwiz

Sections

.text Size: 9KB - Virtual size: 9KB

.DrKnDy Size: 4KB - Virtual size: 962KB

.TLO Size: 5KB - Virtual size: 15KB

.text Size: 11KB - Virtual size: 11KB

.KcmhU Size: 4KB - Virtual size: 799KB

.rdata Size: 2KB - Virtual size: 37KB

.aqehT Size: 5KB - Virtual size: 819KB

.edata Size: 83KB - Virtual size: 98KB

.fc Size: 1KB - Virtual size: 13KB

.data Size: 7KB - Virtual size: 97KB

.ayXwtT Size: 1024B - Virtual size: 105KB

.edata Size: 134KB - Virtual size: 189KB

.rsrc Size: 27KB - Virtual size: 26KB

.text
Size: 9KB - Virtual size: 9KB

.DrKnDy
Size: 4KB - Virtual size: 962KB

.TLO
Size: 5KB - Virtual size: 15KB

.text
Size: 11KB - Virtual size: 11KB

.KcmhU
Size: 4KB - Virtual size: 799KB

.rdata
Size: 2KB - Virtual size: 37KB

.aqehT
Size: 5KB - Virtual size: 819KB

.edata
Size: 83KB - Virtual size: 98KB

.fc
Size: 1KB - Virtual size: 13KB

.data
Size: 7KB - Virtual size: 97KB

.ayXwtT
Size: 1024B - Virtual size: 105KB

.edata
Size: 134KB - Virtual size: 189KB

.rsrc
Size: 27KB - Virtual size: 26KB