379d3de614c18d1f54cde843ffbf3641_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

379d3de614c18d1f54cde843ffbf3641_JaffaCakes118
Size

146KB
MD5

379d3de614c18d1f54cde843ffbf3641
SHA1

e0279b8eef151f06166522a89bcb489d6c875f34
SHA256

849e0982a617dd04dfacb551b7b507aa98e16cfb8c6e6cabd934cacdbd040f84
SHA512

f1dc4ee2ac80c14d3d22a07b723c201fa54e1d0112a7e5e2901833db46ebd3637abbfffa04426efc71cc44759819baa107dbccfd5d1ce6222a46da3940c38a4d
SSDEEP

3072:cyZ+R65zdX9zU+lcypuy+71xxCOJpPH3dUNupT:cZszN9zFpfSxxCOXSup

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
379d3de614c18d1f54cde843ffbf3641_JaffaCakes118

Files

379d3de614c18d1f54cde843ffbf3641_JaffaCakes118
.exe windows:4 windows x86 arch:x86

78ef702c70d6eedab94cbc84a10c1daf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
GetVersionExA
LocalFree
FindResourceA
GetTickCount
ExitProcess
SetLastError
GetCommandLineA
GetVersion
lstrcatW
GetConsoleMode
GetOEMCP
lstrcpynA
GetACP
GetCurrentThreadId
OpenMutexW
OutputDebugStringA
OpenMutexA
VirtualAlloc
WriteProcessMemory
lstrcmpiA
GetThreadLocale
GetLastError
ResetEvent
GetCurrentProcessId
GetModuleHandleA
GetModuleHandleW
GetStdHandle
IsBadReadPtr
GetUserDefaultLCID
WaitForSingleObject
GetExitCodeThread
FindClose
CompareStringW
WaitForMultipleObjects
lstrcpyA

Sections

.text
Size: 133KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 512B - Virtual size: 287B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 495B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 512B - Virtual size: 306B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbss
Size: 512B - Virtual size: 407B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 512B - Virtual size: 130B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 512B - Virtual size: 335B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 26B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78ef702c70d6eedab94cbc84a10c1daf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 133KB - Virtual size: 133KB

.bss Size: 512B - Virtual size: 287B

DATA Size: 512B - Virtual size: 495B

.bss Size: 512B - Virtual size: 306B

DATA Size: 512B - Virtual size: 122KB

.textbss Size: 512B - Virtual size: 407B

BSS Size: 512B - Virtual size: 130B

.bss Size: 512B - Virtual size: 456B

.tls Size: 512B - Virtual size: 37KB

.bss Size: 512B - Virtual size: 335B

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 512B - Virtual size: 26B

.text
Size: 133KB - Virtual size: 133KB

.bss
Size: 512B - Virtual size: 287B

DATA
Size: 512B - Virtual size: 495B

.bss
Size: 512B - Virtual size: 306B

DATA
Size: 512B - Virtual size: 122KB

.textbss
Size: 512B - Virtual size: 407B

BSS
Size: 512B - Virtual size: 130B

.bss
Size: 512B - Virtual size: 456B

.tls
Size: 512B - Virtual size: 37KB

.bss
Size: 512B - Virtual size: 335B

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 512B - Virtual size: 26B