49acfa0c1c5d4c59bd5e07bb36f4f6f6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

49acfa0c1c5d4c59bd5e07bb36f4f6f6_JaffaCakes118
Size

246KB
MD5

49acfa0c1c5d4c59bd5e07bb36f4f6f6
SHA1

47cd7c9f4c5f41913cdc6d996b000ee872f54e84
SHA256

602b89ad67a9b51e88606d8dea4f5e31c46b4c060c4a4575e0e72eae3adb2e4c
SHA512

e2ef19dea17a135c2a83fa9505d96d53a80655621df4973c45dd9ebb25779e5903ad4003fe725e313954d258ad07834367465d33948c07e7b5fc338682b15e6f
SSDEEP

6144:h+5oGLScwpDXfwjhWQCqSt3ZIXMBygVxYN7T7:hUDED4jhc3ZIXM5Vx+T7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49acfa0c1c5d4c59bd5e07bb36f4f6f6_JaffaCakes118

Files

49acfa0c1c5d4c59bd5e07bb36f4f6f6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7ceccd7a50a5ac8f0302a4fc9f701262

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
HeapFree
GetModuleHandleW
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsSetValue
SetLastError
GetCurrentThreadId
WideCharToMultiByte
RtlUnwind
HeapAlloc
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringW
SetFilePointer
IsProcessorFeaturePresent
CloseHandle
WriteConsoleW
SetStdHandle
CreateFileW
GetModuleHandleA
GetProcAddress

riched20

CreateTextServices

netcfgx

LanaCfgFromCommandArgs

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Af
Size: 512B - Virtual size: 581B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vIydvr
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.AVYbn
Size: 1024B - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 213KB - Virtual size: 450KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ceccd7a50a5ac8f0302a4fc9f701262

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

riched20

netcfgx

Sections

.text Size: 17KB - Virtual size: 17KB

.Af Size: 512B - Virtual size: 581B

.vIydvr Size: 2KB - Virtual size: 3KB

.rdata Size: 1KB - Virtual size: 1KB

.AVYbn Size: 1024B - Virtual size: 616B

.data Size: 213KB - Virtual size: 450KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 17KB - Virtual size: 17KB

.Af
Size: 512B - Virtual size: 581B

.vIydvr
Size: 2KB - Virtual size: 3KB

.rdata
Size: 1KB - Virtual size: 1KB

.AVYbn
Size: 1024B - Virtual size: 616B

.data
Size: 213KB - Virtual size: 450KB

.rsrc
Size: 10KB - Virtual size: 9KB