2947b6cad3bb95bd421274393680f561_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2947b6cad3bb95bd421274393680f561_JaffaCakes118
Size

284KB
MD5

2947b6cad3bb95bd421274393680f561
SHA1

95696955738eaafe36630308dc4bff6bc2187914
SHA256

260a1f29aac8b8b861d8cde52055b89c5ce02ed1763532bd92cdf729dcd7dbd3
SHA512

2f2b99b055ab10806708f0744654a94f95e0a42e1a2a8b489691661bce553dacd9a2def3e7265ac74a2abd9aaeab6efc6386fec0b879f67605bf6cbde25a0528
SSDEEP

6144:24PL0Q+5VJ69mJG1frffYM+RMHL4lM0Qyzh8d10/aCkny4:VN9IhRi8M9yF8v0/vGh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2947b6cad3bb95bd421274393680f561_JaffaCakes118

Files

2947b6cad3bb95bd421274393680f561_JaffaCakes118
.exe windows:4 windows x86 arch:x86

91ab963cd0c25bec98b3047953524672

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
LoadLibraryW
FreeLibrary
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesW
MoveFileW
GetCurrentThreadId
GetVersionExA
GetProcessHeap
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
GetModuleHandleA
ExitProcess
GetModuleFileNameA
GetCurrentDirectoryA
TlsAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
Sleep
GetStartupInfoA
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
MultiByteToWideChar
InitializeCriticalSection
LoadLibraryA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
lstrcmpW
GetProcAddress

scecli

SceStartTransaction
SceGetObjectChildren
SceConfigureConvertedFileSecurity
SceCreateDirectory
SceSetupBackupSecurity
SceGetDbTime
SceSvcGetInformationTemplate

kbdpl1

KbdLayerDescriptor

Sections

.edata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.X
Size: 3KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.N
Size: 3KB - Virtual size: 459KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 85KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.m
Size: 512B - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vUIcY
Size: 1KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.KADX
Size: 5KB - Virtual size: 541KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 131KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ECPI
Size: 2KB - Virtual size: 235KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

91ab963cd0c25bec98b3047953524672

Headers

File Characteristics

Imports

kernel32

scecli

kbdpl1

Sections

.edata Size: 5KB - Virtual size: 4KB

.X Size: 3KB - Virtual size: 162KB

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 1KB - Virtual size: 40KB

.N Size: 3KB - Virtual size: 459KB

.edata Size: 85KB - Virtual size: 102KB

.m Size: 512B - Virtual size: 44KB

.data Size: 7KB - Virtual size: 223KB

.vUIcY Size: 1KB - Virtual size: 81KB

.KADX Size: 5KB - Virtual size: 541KB

.edata Size: 131KB - Virtual size: 154KB

.ECPI Size: 2KB - Virtual size: 235KB

.rsrc Size: 24KB - Virtual size: 24KB

.edata
Size: 5KB - Virtual size: 4KB

.X
Size: 3KB - Virtual size: 162KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 1KB - Virtual size: 40KB

.N
Size: 3KB - Virtual size: 459KB

.edata
Size: 85KB - Virtual size: 102KB

.m
Size: 512B - Virtual size: 44KB

.data
Size: 7KB - Virtual size: 223KB

.vUIcY
Size: 1KB - Virtual size: 81KB

.KADX
Size: 5KB - Virtual size: 541KB

.edata
Size: 131KB - Virtual size: 154KB

.ECPI
Size: 2KB - Virtual size: 235KB

.rsrc
Size: 24KB - Virtual size: 24KB