356a348592edcad80f009c045f9e2768_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

356a348592edcad80f009c045f9e2768_JaffaCakes118
Size

238KB
MD5

356a348592edcad80f009c045f9e2768
SHA1

f7c71788abf485373e39c99dad7cb56e501e81f0
SHA256

453118968308f3eb91c600d8c1dc6ab8c51eb619e14632bf1363654838a0a0c5
SHA512

88898ce0f4b46314334352d70334d1643f2e3e1df9e6b7fccb5f3f4466aa29c12bfe9a8354ab4f4b7b2d22c9d8b63af79d4e4f66660edf4a87e6605e433daad5
SSDEEP

1536:8bTU3HaS3sy2CsBX9DIzno3OR5uhjE9qrhJEuTk6:dsTHNMzo0AVEUKn6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
356a348592edcad80f009c045f9e2768_JaffaCakes118

Files

356a348592edcad80f009c045f9e2768_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

0
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

2
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

3
Size: 1KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

4
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fa.csc81
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

6
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

8uvc0ni4
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

8qonz.ng
Size: - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

q.sedhnp
Size: 234KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1av4kqo2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f433e7fcc51e68080022754836705744

Headers

File Characteristics

Imports

kernel32

user32

Sections

0 Size: - Virtual size: 12KB

1 Size: - Virtual size: 4KB

2 Size: - Virtual size: 44KB

3 Size: 1KB - Virtual size: 88KB

4 Size: - Virtual size: 72KB

fa.csc81 Size: - Virtual size: 4KB

6 Size: - Virtual size: 32KB

8uvc0ni4 Size: - Virtual size: 4KB

8qonz.ng Size: - Virtual size: 104KB

q.sedhnp Size: 234KB - Virtual size: 236KB

1av4kqo2 Size: 512B - Virtual size: 4KB

0
Size: - Virtual size: 12KB

1
Size: - Virtual size: 4KB

2
Size: - Virtual size: 44KB

3
Size: 1KB - Virtual size: 88KB

4
Size: - Virtual size: 72KB

fa.csc81
Size: - Virtual size: 4KB

6
Size: - Virtual size: 32KB

8uvc0ni4
Size: - Virtual size: 4KB

8qonz.ng
Size: - Virtual size: 104KB

q.sedhnp
Size: 234KB - Virtual size: 236KB

1av4kqo2
Size: 512B - Virtual size: 4KB