306035de388e9ddd7a1a5d4d61498d0c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

306035de388e9ddd7a1a5d4d61498d0c_JaffaCakes118
Size

212KB
MD5

306035de388e9ddd7a1a5d4d61498d0c
SHA1

b88436d444722b6ca6d0fce5b6e0b859223e7121
SHA256

5ea2e4b6f4affa0a06c9469a39139de28cb22b035191903cc1e126cef1496515
SHA512

57f0acd91083f6ef7dfdcd7596cbf335f710bd8acfbae3e2ea01fd99c2dbb9ad5563e9f6166068918d086c0478d5e5333b8ba6f5030f26156c09c64456726705
SSDEEP

3072:nJgwvnUnHT3uBfJgjFVSBdtgAAy97Joy6LkpUTEvGKniZr5h59qEqo+f:nRvnKbuBfqqBdtgAAQ7S/L3YZ8r6o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
306035de388e9ddd7a1a5d4d61498d0c_JaffaCakes118

Files

306035de388e9ddd7a1a5d4d61498d0c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e5f7d33c53b8a73cdd71de152e04cb74

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
DeleteFileA
ReadConsoleA
GetFileSize
OpenFileMappingA
GetFileTime
FindAtomA
GetComputerNameA
CopyFileW
CopyFileA
ReadFile
CopyFileExA
GetConsoleMode
ExitThread
CreateProcessA
GetCommandLineA
DeleteFileW
CopyFileW
DeleteFileA
FindAtomA
ExitThread
WriteFile
GetConsoleMode
ReadFile
CopyFileExA
CreateThread
ReadConsoleW
GetComputerNameA
GetCPInfo
OpenFile
FindAtomA
OpenFileMappingA
ReadConsoleW
Sleep
CreateThread
CopyFileA
ReadConsoleA
GetLastError
CopyFileW
GlobalFree
DeleteAtom
DeleteFileW
DeleteFileA
GetCPInfo
Sleep
ExitThread
CopyFileExA
ReadConsoleW
DeleteAtom
CreateThread
GlobalFree
CopyFileA
DeleteFileW
ReadConsoleA
OpenFileMappingA
GetCommandLineA
OpenFile
GetFileSize
ExitThread
CreateDirectoryA
GetLastError
WriteFile
GetCommandLineA
CopyFileW
CreateProcessA
DeleteFileA
OpenFile
CopyFileExW
ReadConsoleA
CopyFileA
GlobalFree
DeleteAtom
CreateThread
ReadConsoleW

Sections

.init
Size: 156KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 8KB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 4KB - Virtual size: 231B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e5f7d33c53b8a73cdd71de152e04cb74

Headers

File Characteristics

Imports

kernel32

Sections

.init Size: 156KB - Virtual size: 154KB

DATA Size: 8KB - Virtual size: 5KB

.reloc Size: 8KB - Virtual size: 5KB

.edata Size: 8KB - Virtual size: 2.9MB

.bss Size: 4KB - Virtual size: 231B

.rdata Size: 4KB - Virtual size: 2KB

.idata Size: 8KB - Virtual size: 5KB

.rsrc Size: 12KB - Virtual size: 10KB

.init
Size: 156KB - Virtual size: 154KB

DATA
Size: 8KB - Virtual size: 5KB

.reloc
Size: 8KB - Virtual size: 5KB

.edata
Size: 8KB - Virtual size: 2.9MB

.bss
Size: 4KB - Virtual size: 231B

.rdata
Size: 4KB - Virtual size: 2KB

.idata
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 12KB - Virtual size: 10KB