48fb012bc40a8466e6584b48f368bb77_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

48fb012bc40a8466e6584b48f368bb77_JaffaCakes118
Size

265KB
MD5

48fb012bc40a8466e6584b48f368bb77
SHA1

9a8a71b47cc5c6a334199dd15b8acbef00d56b00
SHA256

b48bc535a628bd953a27f45d4412d4b73818f536eddb10ca93e828ad56965653
SHA512

a4541f2e4728ccc5a1cc9f4829ef37cd988180153404a113686d2fcf0818a8fa05b44afacc21b3b58092fca84a0a02fc5149253e0b01e7b4ab7070aaa007c093
SSDEEP

6144:N0k8qY0eoQYdu8XfNRraPrvEQw6ragCBVUi:NOxwu8XGv1VagUF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48fb012bc40a8466e6584b48f368bb77_JaffaCakes118

Files

48fb012bc40a8466e6584b48f368bb77_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4652c76b162a74834763cfab5becaf44

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetVersionExA
GetProcessHeap
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
GetModuleHandleA
ExitProcess
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
GetLastError
Sleep
GetStartupInfoA
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
InitializeCriticalSection
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetProcAddress

msasn1

ASN1BEREncCheck
ASN1_CreateModule
ASN1CEREncFlushBlkElement
ASN1intx_setuint32
ASN1BERDecS16Val
ASN1BERDecObjectIdentifier
ASN1_GetEncoderOption
ASN1_FreeDecoded
ASN1_FreeEncoded
ASN1BEREncEoid
ASN1EncSetError
ASN1BERDecZeroMultibyteString
ASN1intx_uoctets

shfolder

SHGetFolderPathA

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.OwgosB
Size: 1024B - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.kzR
Size: 1KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.LBEQ
Size: 3KB - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qWsuf
Size: 5KB - Virtual size: 1014KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 80KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.S
Size: 3KB - Virtual size: 369KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 136KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kRnRGk
Size: 5KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4652c76b162a74834763cfab5becaf44

Headers

File Characteristics

Imports

kernel32

msasn1

shfolder

Sections

.text Size: 5KB - Virtual size: 4KB

.OwgosB Size: 1024B - Virtual size: 146KB

.text Size: 12KB - Virtual size: 12KB

.kzR Size: 1KB - Virtual size: 95KB

.LBEQ Size: 3KB - Virtual size: 596KB

.rdata Size: 1KB - Virtual size: 48KB

.qWsuf Size: 5KB - Virtual size: 1014KB

.edata Size: 80KB - Virtual size: 104KB

.S Size: 3KB - Virtual size: 369KB

.data Size: 7KB - Virtual size: 191KB

.edata Size: 136KB - Virtual size: 194KB

.kRnRGk Size: 5KB - Virtual size: 321KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 5KB - Virtual size: 4KB

.OwgosB
Size: 1024B - Virtual size: 146KB

.text
Size: 12KB - Virtual size: 12KB

.kzR
Size: 1KB - Virtual size: 95KB

.LBEQ
Size: 3KB - Virtual size: 596KB

.rdata
Size: 1KB - Virtual size: 48KB

.qWsuf
Size: 5KB - Virtual size: 1014KB

.edata
Size: 80KB - Virtual size: 104KB

.S
Size: 3KB - Virtual size: 369KB

.data
Size: 7KB - Virtual size: 191KB

.edata
Size: 136KB - Virtual size: 194KB

.kRnRGk
Size: 5KB - Virtual size: 321KB

.rsrc
Size: 2KB - Virtual size: 2KB