41b4f4bf6530ad9e993c0fa7c1fc8a04_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

41b4f4bf6530ad9e993c0fa7c1fc8a04_JaffaCakes118
Size

500KB
MD5

41b4f4bf6530ad9e993c0fa7c1fc8a04
SHA1

342feba66d8045c8872a6e401f488c56a626ff38
SHA256

9bf725cf611f21f0761728349ecb57dfb72be42e3e24b424ff5dbbbf5a2b7679
SHA512

223e167c12c8e0f75910bc0d125e19523cd71f2cdfc918af130b6576035342cfd4098cddc24a626beacefe223d602deef07b1fd4fc8e8260bf4800de4a06ddac
SSDEEP

12288:KHQoOaiRWDJ87WREfMhDsATi1GvIGma5oNbrZjyi:KHQoOagcJfBRsATi5aMb1yi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41b4f4bf6530ad9e993c0fa7c1fc8a04_JaffaCakes118

Files

41b4f4bf6530ad9e993c0fa7c1fc8a04_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

CODE
Size: - Virtual size: 440KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

trnj4z3p
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fvhte61r
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gr20dwaz
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ttwilafr
Size: - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

3c72yynk
Size: 493KB - Virtual size: 496KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

u6m7atad
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f433e7fcc51e68080022754836705744

Headers

File Characteristics

Imports

kernel32

user32

Sections

CODE Size: - Virtual size: 440KB

DATA Size: - Virtual size: 8KB

BSS Size: - Virtual size: 8KB

trnj4z3p Size: - Virtual size: 12KB

.tls Size: - Virtual size: 4KB

.rdata Size: - Virtual size: 4KB

fvhte61r Size: - Virtual size: 36KB

.rsrc Size: 5KB - Virtual size: 32KB

gr20dwaz Size: - Virtual size: 4KB

ttwilafr Size: - Virtual size: 260KB

3c72yynk Size: 493KB - Virtual size: 496KB

u6m7atad Size: 512B - Virtual size: 4KB

CODE
Size: - Virtual size: 440KB

DATA
Size: - Virtual size: 8KB

BSS
Size: - Virtual size: 8KB

trnj4z3p
Size: - Virtual size: 12KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: - Virtual size: 4KB

fvhte61r
Size: - Virtual size: 36KB

.rsrc
Size: 5KB - Virtual size: 32KB

gr20dwaz
Size: - Virtual size: 4KB

ttwilafr
Size: - Virtual size: 260KB

3c72yynk
Size: 493KB - Virtual size: 496KB

u6m7atad
Size: 512B - Virtual size: 4KB