5e28ce1a56be5ea61c5feb36a045ae50_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5e28ce1a56be5ea61c5feb36a045ae50_JaffaCakes118
Size

469KB
MD5

5e28ce1a56be5ea61c5feb36a045ae50
SHA1

3a7c2d81ec66bae01f15899144695aaf2890a0f9
SHA256

0f9022e922843aec01f4354963c0ccc0f3ead9a9acede0cf53f1fd3dcfd89a42
SHA512

e9ea5691553a1d41df8ac3012d5efd79bcf53c4f4142c20711495082136c000b3c53249804c3d39d03c41aeacef40e99692467febf4869b2e231d77b36609cc5
SSDEEP

6144:o2sGwX8sywzE7A4LSaGAd+s3zUlEtvJ2h48THYn8niyZI+YfXIm2Lpakc783QJ3f:XsGwmDGA3ENTHYns/WfYakTMf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e28ce1a56be5ea61c5feb36a045ae50_JaffaCakes118

Files

5e28ce1a56be5ea61c5feb36a045ae50_JaffaCakes118
.exe windows:4 windows x86 arch:x86

11c1df949a62f771003c57dbc6abdb7d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

AdjustTokenPrivileges

kernel32

GetProcAddress
GetModuleHandleA

comctl32

ImageList_Add

gdi32

BitBlt

user32

ActivateKeyboardLayout

ole32

CoCreateInstance

oleaut32

GetErrorInfo

Exports

Exports

@@Tmainform@Finalize
@@Tmainform@Initialize
_MainForm
__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: - Virtual size: 400KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

11c1df949a62f771003c57dbc6abdb7d

Headers

File Characteristics

Imports

advapi32

kernel32

comctl32

gdi32

user32

ole32

oleaut32

Exports

Exports

Sections

.text Size: - Virtual size: 400KB

.data Size: - Virtual size: 44KB

.tls Size: - Virtual size: 4KB

.rdata Size: - Virtual size: 4KB

.idata Size: - Virtual size: 12KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 12KB - Virtual size: 12KB

.reloc Size: - Virtual size: 28KB

.text Size: 20KB - Virtual size: 17KB

.rdata Size: 4KB - Virtual size: 972B

.data Size: 9KB - Virtual size: 12KB

.text
Size: - Virtual size: 400KB

.data
Size: - Virtual size: 44KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: - Virtual size: 4KB

.idata
Size: - Virtual size: 12KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 12KB - Virtual size: 12KB

.reloc
Size: - Virtual size: 28KB

.text
Size: 20KB - Virtual size: 17KB

.rdata
Size: 4KB - Virtual size: 972B

.data
Size: 9KB - Virtual size: 12KB