3d84eeadc87c1cf6ec0925ed9c6cd2e3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3d84eeadc87c1cf6ec0925ed9c6cd2e3_JaffaCakes118
Size

1.9MB
MD5

3d84eeadc87c1cf6ec0925ed9c6cd2e3
SHA1

39d53896324164474bfe822c2786a7aa95f169b7
SHA256

69192ce9bda062f5e487e7eceeb661ed3b5b83dad58f99db107ccd002f0fdb02
SHA512

462f2065981c8cde1ca8925f4e072f5dd3c99910002a9551bb2e094a8627a9eb6a5cc59cfcf206c85436d8f566221ef6582d4185ef2db785da7af6011c772e93
SSDEEP

49152:+NCQbrlm6Q8rFvnUxzKYPXOT0RyzaT+VxAH8csjUl0lIC7OwJV:+YQb5m6QdzKYPXOTjaT8xW8csQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d84eeadc87c1cf6ec0925ed9c6cd2e3_JaffaCakes118

Files

3d84eeadc87c1cf6ec0925ed9c6cd2e3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 12B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.edata
.idata
.rdata
.reloc
.rsrc/0/BINRES/ENGLISH_LNG
.rsrc/0/BITMAP/BBABORT.bmp
.rsrc/0/BITMAP/BBALL.bmp
.rsrc/0/BITMAP/BBCANCEL.bmp
.rsrc/0/BITMAP/BBCLOSE.bmp
.rsrc/0/BITMAP/BBHELP.bmp
.rsrc/0/BITMAP/BBIGNORE.bmp
.rsrc/0/BITMAP/BBNO.bmp
.rsrc/0/BITMAP/BBOK.bmp
.rsrc/0/BITMAP/BBRETRY.bmp
.rsrc/0/BITMAP/BBYES.bmp
.rsrc/0/BITMAP/EL_BPL.bmp
.rsrc/0/BITMAP/EL_DLL.bmp
.rsrc/0/BITMAP/EL_ERROR.bmp
.rsrc/0/BITMAP/EL_MINUS.bmp
.rsrc/0/BITMAP/EL_PAS.bmp
.rsrc/0/BITMAP/EL_PLUS.bmp
.rsrc/0/BITMAP/EL_VCL.bmp
.rsrc/0/BITMAP/PREVIEWGLYPH.bmp
.rsrc/0/BITMAP/VT_CHECK_DARK.bmp
.rsrc/0/BITMAP/VT_CHECK_LIGHT.bmp
.rsrc/0/BITMAP/VT_FLAT.bmp
.rsrc/0/BITMAP/VT_MOVEALL.bmp
.rsrc/0/BITMAP/VT_MOVEEW.bmp
.rsrc/0/BITMAP/VT_MOVENS.bmp
.rsrc/0/BITMAP/VT_TICK_DARK.bmp
.rsrc/0/BITMAP/VT_TICK_LIGHT.bmp
.rsrc/0/BITMAP/VT_UTILITIES.bmp
.rsrc/0/BITMAP/VT_XP.bmp
.rsrc/0/BITMAP/VT_XPBUTTONMINUS.bmp
.rsrc/0/BITMAP/VT_XPBUTTONPLUS.bmp
.rsrc/0/CURSOR/1
.rsrc/0/CURSOR/2
.rsrc/0/CURSOR/3
.rsrc/0/CURSOR/4
.rsrc/0/CURSOR/5
.rsrc/0/CURSOR/6
.rsrc/0/CURSOR/7
.rsrc/0/DIALOG/DLGTEMPLATE
.rsrc/0/DIALOG/EL_DIALOG
.rsrc/0/DIALOG/EL_REQUEST
.rsrc/0/DIALOG/EL_SERVER
.rsrc/0/DIALOG/EL_TAB_CALLSTACK
.rsrc/0/DIALOG/EL_TAB_CPU
.rsrc/0/DIALOG/EL_TAB_CUSTOMDATA
.rsrc/0/DIALOG/EL_TAB_GENERAL
.rsrc/0/DIALOG/EL_TAB_MODULESLIST
.rsrc/0/GROUP_CURSOR/32761
.rsrc/0/GROUP_CURSOR/32762
.rsrc/0/GROUP_CURSOR/32763
.rsrc/0/GROUP_CURSOR/32764
.rsrc/0/GROUP_CURSOR/32765
.rsrc/0/GROUP_CURSOR/32766
.rsrc/0/GROUP_CURSOR/32767
.rsrc/0/GROUP_CURSOR/VT_HEADERSPLIT
.rsrc/0/GROUP_CURSOR/VT_MOVEALL
.rsrc/0/GROUP_CURSOR/VT_MOVEE
.rsrc/0/GROUP_CURSOR/VT_MOVEEW
.rsrc/0/GROUP_CURSOR/VT_MOVEN
.rsrc/0/GROUP_CURSOR/VT_MOVENE
.rsrc/0/GROUP_CURSOR/VT_MOVENS
.rsrc/0/GROUP_CURSOR/VT_MOVENW
.rsrc/0/GROUP_CURSOR/VT_MOVES
.rsrc/0/GROUP_CURSOR/VT_MOVESE
.rsrc/0/GROUP_CURSOR/VT_MOVESW
.rsrc/0/GROUP_CURSOR/VT_MOVEW
.rsrc/0/MANIFEST/1
.xml
.rsrc/0/RCDATA/BROWSER_ICON1
.png
.rsrc/0/RCDATA/BROWSER_ICON2
.png
.rsrc/0/RCDATA/BROWSER_ICON3
.png
.rsrc/0/RCDATA/BROWSER_ICON4
.png
.rsrc/0/RCDATA/BROWSER_ICON5
.png
.rsrc/0/RCDATA/DVCLAL
.rsrc/0/RCDATA/ELDATA
.rsrc/0/RCDATA/EMPTY_ICON
.rsrc/0/RCDATA/PACKAGEINFO
.rsrc/0/RCDATA/PLUGIN_XML
.xml
.rsrc/0/RCDATA/TBROWSERSFRAME
.rsrc/0/RCDATA/TCOOKIEFORM
.rsrc/0/RCDATA/TDATAMODULE1
.rsrc/0/RCDATA/THELPFRAME
.rsrc/0/RCDATA/TMAINFORM
.rsrc/0/RCDATA/TMAINFRAME
.rsrc/0/RCDATA/TOPTIONSFRAME
.rsrc/0/RCDATA/TPLUGINFRAME
.rsrc/0/RCDATA/TREMOVEFORM
.rsrc/0/RCDATA/TRESULTFORM
.rsrc/0/RCDATA/TSEARCHFRAME
.rsrc/0/RCDATA/TSETTINGSFRAME
.rsrc/0/RCDATA/TWARNINGFORM
.rsrc/0/RCDATA/TWARNINGFORM2
.rsrc/0/RCDATA/TWINDOWSFRAME
.rsrc/0/RCDATA/VIRUS_ICON
.rsrc/0/RCDATA/WARNING_ICON
.png
.rsrc/0/RCDATA/WARNING_ICON2
.png
.rsrc/0/RCDATA/WARNING_ICON3
.png
.rsrc/0/STRING/4076
.rsrc/0/STRING/4077
.rsrc/0/STRING/4078
.rsrc/0/STRING/4079
.rsrc/0/STRING/4080
.rsrc/0/STRING/4081
.rsrc/0/STRING/4082
.rsrc/0/STRING/4083
.rsrc/0/STRING/4084
.rsrc/0/STRING/4085
.rsrc/0/STRING/4086
.rsrc/0/STRING/4087
.rsrc/0/STRING/4088
.rsrc/0/STRING/4089
.rsrc/0/STRING/4090
.rsrc/0/STRING/4091
.rsrc/0/STRING/4092
.rsrc/0/STRING/4093
.rsrc/0/STRING/4094
.rsrc/0/STRING/4095
.rsrc/0/STRING/4096
.rsrc/1031/CURSOR/10
.rsrc/1031/CURSOR/11
.rsrc/1031/CURSOR/12
.rsrc/1031/CURSOR/13
.rsrc/1031/CURSOR/14
.rsrc/1031/CURSOR/15
.rsrc/1031/CURSOR/16
.rsrc/1031/CURSOR/17
.rsrc/1031/CURSOR/18
.rsrc/1031/CURSOR/19
.rsrc/1031/CURSOR/8
.rsrc/1031/CURSOR/9
.rsrc/1049/GROUP_ICON/MAINICON
.rsrc/1049/ICON/1.ico
.rsrc/1049/ICON/2.ico
.rsrc/1049/ICON/3.ico
.rsrc/1049/ICON/4.ico
.rsrc_1
CODE
DATA

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 74KB - Virtual size: 73KB

DATA Size: 1KB - Virtual size: 1KB

BSS Size: - Virtual size: 2KB

.idata Size: 3KB - Virtual size: 2KB

.tls Size: - Virtual size: 12B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 6KB - Virtual size: 6KB

.rsrc Size: 1.8MB - Virtual size: 1.8MB

CODE
Size: 74KB - Virtual size: 73KB

DATA
Size: 1KB - Virtual size: 1KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 3KB - Virtual size: 2KB

.tls
Size: - Virtual size: 12B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 1.8MB - Virtual size: 1.8MB