3b9a3bd441bcf81a773f3a25f6a0b6de_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3b9a3bd441bcf81a773f3a25f6a0b6de_JaffaCakes118
Size

266KB
MD5

3b9a3bd441bcf81a773f3a25f6a0b6de
SHA1

2940ec29715a7901eadfbe571df651c38f3e6afc
SHA256

d3081d75a2fb8b8d4236c61a2cd993e4a8e139ce9334dd6e4ae9ae74ff490b05
SHA512

de1ab515d10c718cacf81b1bf17509159c63705be34d6daeeb07471aaa7a25ab52cdce7a1143fec9cf316465b0c7f0120cef453519987297f3d6264dd16d03f1
SSDEEP

3072:5qUIhGLXlzE5rkp88XK0/OowqMAGZr2WRM1kQS7JDdTHZyYyq0quq+W0rvO+Mqgg:IUPEdsnVpcZr2e3DRZyYLuqepMuWu/b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b9a3bd441bcf81a773f3a25f6a0b6de_JaffaCakes118

Files

3b9a3bd441bcf81a773f3a25f6a0b6de_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9434c25405afaf12201a221d00578eb9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetVolumeLabelA
CreateFileA
OpenProcess
LocalHandle
lstrlenW
GetProcAddress
GetModuleHandleA
EnumDateFormatsW
GetCurrentThreadId
GetCurrentProcessId
OpenFileMappingA

ntdll

RtlAddVectoredExceptionHandler
RtlRemoveVectoredExceptionHandler

Sections

W
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

U
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

W
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

W
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RSRC
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

W
Size: 2KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

wEf
Size: 130KB - Virtual size: 128KB

IMAGE_SCN_MEM_READ

dD6
Size: 14KB - Virtual size: 12KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Ptp
Size: 14KB - Virtual size: 12KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

R23
Size: 14KB - Virtual size: 12KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

OEj
Size: 14KB - Virtual size: 12KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

VIn
Size: 14KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9434c25405afaf12201a221d00578eb9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ntdll

Sections

W Size: 2KB - Virtual size: 4KB

U Size: 2KB - Virtual size: 4KB

W Size: 2KB - Virtual size: 4KB

.tls Size: 2KB - Virtual size: 4KB

W Size: 2KB - Virtual size: 4KB

.RSRC Size: 1.8MB - Virtual size: 1.8MB

W Size: 2KB - Virtual size: 1.7MB

wEf Size: 130KB - Virtual size: 128KB

dD6 Size: 14KB - Virtual size: 12KB

Ptp Size: 14KB - Virtual size: 12KB

R23 Size: 14KB - Virtual size: 12KB

OEj Size: 14KB - Virtual size: 12KB

VIn Size: 14KB - Virtual size: 12KB

W
Size: 2KB - Virtual size: 4KB

U
Size: 2KB - Virtual size: 4KB

W
Size: 2KB - Virtual size: 4KB

.tls
Size: 2KB - Virtual size: 4KB

W
Size: 2KB - Virtual size: 4KB

.RSRC
Size: 1.8MB - Virtual size: 1.8MB

W
Size: 2KB - Virtual size: 1.7MB

wEf
Size: 130KB - Virtual size: 128KB

dD6
Size: 14KB - Virtual size: 12KB

Ptp
Size: 14KB - Virtual size: 12KB

R23
Size: 14KB - Virtual size: 12KB

OEj
Size: 14KB - Virtual size: 12KB

VIn
Size: 14KB - Virtual size: 12KB