425287d35bac9f79fdaa7035447e228d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

425287d35bac9f79fdaa7035447e228d_JaffaCakes118
Size

1.0MB
MD5

425287d35bac9f79fdaa7035447e228d
SHA1

3abd1627e467e7758b5e9d30b3ae2b74b14aba3a
SHA256

e538cf4f6fde530035b0fb3120d5d08210718eaa84c048ddf0b0982becff3183
SHA512

9338d9ad40c0dca37c2d24cea3cc3104bf9f0c606867907b2056cdbec25babee5fc8368df346fe51ccf6246332f431934e567865b11fcd4ccadbb00254aa9965
SSDEEP

24576:iQqe/0pL6DZnQDIVOrpYyMVOHH+q5jQjAuJ8yIpzR+:iNeGaZnQDD1IO+q2jdJ8I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
425287d35bac9f79fdaa7035447e228d_JaffaCakes118

Files

425287d35bac9f79fdaa7035447e228d_JaffaCakes118
.exe windows:1 windows x86 arch:x86

d79cc4bf168353b95e77f9e09c6f55e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

FindNextChangeNotification
HeapSummary
RegisterWaitForSingleObject
GetProcessHandleCount
GetTempPathA
TerminateJobObject
VirtualFree
SetInformationJobObject
PeekConsoleInputA
IsSystemResumeAutomatic
GetProcessHeap
VirtualAlloc
CreateJobObjectA
GetProfileSectionW

user32

ShowCursor
SetScrollRange
GetLastInputInfo
DispatchMessageA
DeregisterShellHookWindow
GetDC
TileWindows
CascadeWindows
SwitchDesktop
SetCapture
SendNotifyMessageA
GetAppCompatFlags

Exports

Exports

Plrhvscjt
EndYuimaakobm
IsPqwwmyrsk
CreateUuyuapuolqh
WriteEqfjjpsh
ReadNjxmpahavqc
Sdkhdku

Sections

CODE
Size: 649KB - Virtual size: 649KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 352KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1.3MB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d79cc4bf168353b95e77f9e09c6f55e4

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

CODE Size: 649KB - Virtual size: 649KB

DATA Size: 352KB - Virtual size: 352KB

BSS Size: - Virtual size: 1.3MB

.idata Size: 1024B - Virtual size: 928B

.tls Size: - Virtual size: 1KB

.rdata Size: 512B - Virtual size: 112B

.reloc Size: 512B - Virtual size: 172B

.rsrc Size: 23KB - Virtual size: 23KB

CODE
Size: 649KB - Virtual size: 649KB

DATA
Size: 352KB - Virtual size: 352KB

BSS
Size: - Virtual size: 1.3MB

.idata
Size: 1024B - Virtual size: 928B

.tls
Size: - Virtual size: 1KB

.rdata
Size: 512B - Virtual size: 112B

.reloc
Size: 512B - Virtual size: 172B

.rsrc
Size: 23KB - Virtual size: 23KB