490bb5822d6114bbdb8282f06fdfe483_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

490bb5822d6114bbdb8282f06fdfe483_JaffaCakes118
Size

114KB
MD5

490bb5822d6114bbdb8282f06fdfe483
SHA1

1bf70cab722e65931ee6624892ccf1260faf2892
SHA256

0da892a913fb569c5bf466d6a4d6d5e097e73bd040a9be8547ad1fff8ea5cb36
SHA512

10b4f82fe56f282ac192a3ff06646e2946e284317129322438161532a1058d2ee4f8a41429534096c087113f76bed3838fa80df433f110e1420e404cf3060b19
SSDEEP

768:zjCkZ5ZC6Qur7weV2Wlk5l3a9v2f0DnQX4nkZ5NnbIQqSJkS5:bZC6PL2WlftrzQXMWnbIVSJkU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
490bb5822d6114bbdb8282f06fdfe483_JaffaCakes118

Files

490bb5822d6114bbdb8282f06fdfe483_JaffaCakes118
.exe windows:1 windows x86 arch:x86

2d566a54e0783720b2780b38117b2f6f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
ReadFile
CreateFileW
GetCurrentThreadId
UnhandledExceptionFilter
HeapFree
LocalAlloc
GetVersionExA
SetEvent
CreateFileW
GetCommandLineA
lstrcpyW
CloseHandle
SetEvent
Sleep
GetModuleHandleA
GetModuleHandleW
LocalFree
GetCurrentProcess
GetModuleFileNameA
GetCurrentThreadId
lstrlenW
LoadLibraryA
SetFilePointer
UnhandledExceptionFilter

Sections

.rmgf
Size: 102KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.dxng
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.thrr
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jytd
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qyiw
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jyeg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bpji
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtij
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lein
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2d566a54e0783720b2780b38117b2f6f

Headers

File Characteristics

Imports

kernel32

Sections

.rmgf Size: 102KB - Virtual size: 120KB

.dxng Size: 1024B - Virtual size: 4KB

.thrr Size: 512B - Virtual size: 4KB

.jytd Size: 512B - Virtual size: 4KB

.qyiw Size: 1024B - Virtual size: 4KB

.jyeg Size: 512B - Virtual size: 4KB

.bpji Size: 3KB - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 12B

.qtij Size: 1024B - Virtual size: 4KB

.lein Size: 1024B - Virtual size: 4KB

.rmgf
Size: 102KB - Virtual size: 120KB

.dxng
Size: 1024B - Virtual size: 4KB

.thrr
Size: 512B - Virtual size: 4KB

.jytd
Size: 512B - Virtual size: 4KB

.qyiw
Size: 1024B - Virtual size: 4KB

.jyeg
Size: 512B - Virtual size: 4KB

.bpji
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 12B

.qtij
Size: 1024B - Virtual size: 4KB

.lein
Size: 1024B - Virtual size: 4KB