48f159098e3cbc7338e34f36a13ad7fa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

48f159098e3cbc7338e34f36a13ad7fa_JaffaCakes118
Size

3.6MB
MD5

48f159098e3cbc7338e34f36a13ad7fa
SHA1

c6522ab954d3cb95bcbab03cada3534f78e325c3
SHA256

902f7357bbe32f2c8b656eec8ae1045057dddb0f739ef9fed52731bcae9263b7
SHA512

96eb9dafdf66b31a83b6353a7ba3902e826a5f551313712d0d29f24ee26ab5db33afa6e76fbe6a4dc2ecd38aa15790354ccfaf46f92c2b205896f17a261b4180
SSDEEP

98304:OeWEMmPN6IWiHohUBMRHESpRXof6EoFYVpFn:Ovka8MmyiyeVn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48f159098e3cbc7338e34f36a13ad7fa_JaffaCakes118

Files

48f159098e3cbc7338e34f36a13ad7fa_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fbdb582cc448fdd145212406acfdc6cc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOverlappedResult
GetDiskFreeSpaceExA
GetProfileStringA
GetExitCodeThread
GetCurrentConsoleFont
OpenWaitableTimerA
OpenThread
EnumResourceTypesA
TerminateThread
VirtualAlloc
GetLastError
ExpandEnvironmentStringsA
GetCurrentDirectoryA
WriteConsoleInputA
SetProcessShutdownParameters

user32

GetClipboardSequenceNumber
DefDlgProcA
SetScrollPos
SetInternalWindowPos
PostThreadMessageW
SetTimer
MapVirtualKeyA
SetMenu
MapDialogRect
GetWindowInfo
GetRawInputDeviceInfoA
PrivateExtractIconsA
GetParent
PostMessageW

Exports

Exports

Vuowdcpcea
BeginHdiymvoqmk
Psvsivx
SetVuvlswdb
ReadYctvmaelwb
CreateMalhytjvmgx
BeginRpqwjjnyx
OpenXjlemrlkb
Fiktxvhcxek
Mogbnliam
IsQuhhmthkcgl
Ndwmasxvmt
Emaubusi
Sqjgauyb
Wgextri
InitDugjmgo
ReadHijdkwd
ReadXgodoigum
Kjqjlwv
Kggddva

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 3.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 780B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 665KB - Virtual size: 664KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 699KB - Virtual size: 698KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fbdb582cc448fdd145212406acfdc6cc

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 512B - Virtual size: 3.9MB

.data Size: 1024B - Virtual size: 780B

.edata Size: 512B - Virtual size: 500B

.idata Size: 665KB - Virtual size: 664KB

.reloc Size: 512B - Virtual size: 132B

.rsrc Size: 699KB - Virtual size: 698KB

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 512B - Virtual size: 3.9MB

.data
Size: 1024B - Virtual size: 780B

.edata
Size: 512B - Virtual size: 500B

.idata
Size: 665KB - Virtual size: 664KB

.reloc
Size: 512B - Virtual size: 132B

.rsrc
Size: 699KB - Virtual size: 698KB