1634d56c99aefc20eef9538eeee52ea1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1634d56c99aefc20eef9538eeee52ea1_JaffaCakes118
Size

97KB
MD5

1634d56c99aefc20eef9538eeee52ea1
SHA1

0f14398de2b5e04bfba84a7c57778d814bfff2d1
SHA256

17489257cc6b6c4bd73a69afa0935155bd70eeded5ca204343bed7723381c467
SHA512

2e834afe554bb85cf3b0bb5a08ccb7a8c18576f6b48ed8fc63f71cc0a5f2e5396c8284c50d1e7d44a4a02122140b112397318d0ce129decf2d8e787c526f26a9
SSDEEP

3072:LU+KF77Ep++0mguxyI/huP6AYz6Y5NLvofjkRqS:dKFHEpAvomp06cxvIkUS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1634d56c99aefc20eef9538eeee52ea1_JaffaCakes118

Files

1634d56c99aefc20eef9538eeee52ea1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dbd9b74fc6544af4be2aa900996419c5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateNamedPipeA
DeleteAtom
DeleteFileA
DeviceIoControl
DisconnectNamedPipe
GetConsoleCP
GetExitCodeProcess
GetExitCodeThread
GetModuleFileNameA
GetModuleHandleA
GetNamedPipeInfo
GetProcessVersion
GetStdHandle
GetCurrentThreadId
GetThreadLocale
GetUserDefaultLCID
GlobalAlloc
IsSystemResumeAutomatic
IsValidLocale
ReleaseMutex
ResetEvent
SetFilePointer
OpenEventA
ReadFile
CloseHandle
WriteFile
CreateFileA
ExitProcess
GetComputerNameA
GetBinaryTypeA
BackupRead
lstrlenW
lstrlenA
SetCurrentDirectoryA
FlushViewOfFile
GetDriveTypeA
GetWindowsDirectoryA
GetSystemDirectoryW
GetSystemDirectoryA
GetComputerNameW
GetCurrentDirectoryW
GetFileAttributesA
GetFileAttributesW
lstrcmpW
GetStartupInfoA
CompareStringA

user32

ReleaseDC

advapi32

GetUserNameA

msvcrt

free
malloc

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

winmm

GetDriverModuleHandle
timeEndPeriod

Exports

Exports

yuqqpwz

Sections

.code
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 360KB - Virtual size: 357KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sgybg
Size: 4KB - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dbd9b74fc6544af4be2aa900996419c5

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

version

winmm

Exports

Exports

Sections

.code Size: 36KB - Virtual size: 34KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 360KB - Virtual size: 357KB

sgybg Size: 4KB - Virtual size: 1B

.rsrc Size: 4KB - Virtual size: 760B

.reloc Size: 4KB - Virtual size: 1KB

.code
Size: 36KB - Virtual size: 34KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 360KB - Virtual size: 357KB

sgybg
Size: 4KB - Virtual size: 1B

.rsrc
Size: 4KB - Virtual size: 760B

.reloc
Size: 4KB - Virtual size: 1KB