417b53d0ec7ed3e07883fa1c17c5ab82_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

417b53d0ec7ed3e07883fa1c17c5ab82_JaffaCakes118
Size

470KB
MD5

417b53d0ec7ed3e07883fa1c17c5ab82
SHA1

49cf52a3e6e1a4b67b8fe9416c8253c961902976
SHA256

1ccd64513f0613204c9bbd9d0a0af28c6e1932b687ce5b7b55a53149fb9257a7
SHA512

d84bc3461b5da332fc1b6a5b54ea908d6a0b75c4d5d1c07911f8174f94aa8c5dd29f43d2c1b44001254bf011474430d02728284067368786126fb28e1b78513b
SSDEEP

12288:URRKEgZNaJ/Igx6pVPw+s3d/ONx2sO/3GyM0FjZ:CKEgZ6U6VEcMI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
417b53d0ec7ed3e07883fa1c17c5ab82_JaffaCakes118

Files

417b53d0ec7ed3e07883fa1c17c5ab82_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7a35f0037338dc0d69362dde886da127

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

FindResourceA
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

GetMenuItemID

advapi32

RegQueryValueExA

oleaut32

VariantClear

mpr

WNetGetUserA

version

GetFileVersionInfoA

gdi32

GetDIBColorTable

comctl32

ImageList_Create

shell32

Shell_NotifyIcon

wininet

InternetOpenA

wsock32

select

imagehlp

CheckSumMappedFile

winmm

waveOutGetDevCapsW

avicap32

capCreateCaptureWindowA

msacm32

acmFormatEnumA

ws2_32

gethostname

Sections

CODE
Size: - Virtual size: 555KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 20B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

00
Size: - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.225;0
Size: - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.225;1
Size: 462KB - Virtual size: 462KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a35f0037338dc0d69362dde886da127

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

mpr

version

gdi32

comctl32

shell32

wininet

wsock32

imagehlp

winmm

avicap32

msacm32

ws2_32

Sections

CODE Size: - Virtual size: 555KB

DATA Size: - Virtual size: 9KB

BSS Size: - Virtual size: 8KB

.idata Size: - Virtual size: 13KB

.tls Size: - Virtual size: 20B

.rdata Size: - Virtual size: 24B

.reloc Size: - Virtual size: 37KB

.rsrc Size: 6KB - Virtual size: 24KB

00 Size: - Virtual size: 512B

.225;0 Size: - Virtual size: 104KB

.225;1 Size: 462KB - Virtual size: 462KB

.reloc Size: 512B - Virtual size: 220B

CODE
Size: - Virtual size: 555KB

DATA
Size: - Virtual size: 9KB

BSS
Size: - Virtual size: 8KB

.idata
Size: - Virtual size: 13KB

.tls
Size: - Virtual size: 20B

.rdata
Size: - Virtual size: 24B

.reloc
Size: - Virtual size: 37KB

.rsrc
Size: 6KB - Virtual size: 24KB

00
Size: - Virtual size: 512B

.225;0
Size: - Virtual size: 104KB

.225;1
Size: 462KB - Virtual size: 462KB

.reloc
Size: 512B - Virtual size: 220B