5a66cd4d52240f294aaa083b2d7c197b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5a66cd4d52240f294aaa083b2d7c197b_JaffaCakes118
Size

861KB
MD5

5a66cd4d52240f294aaa083b2d7c197b
SHA1

206553826e1ef64b5ce9fc31fe5d295d212e3685
SHA256

4e87a8a953eb98edd357750e1d0e69e58a613c7a5880eaf1cd32e2efc62a275a
SHA512

560ca9f255ede83586d9c9079bfc04c249079e2ed0b40eea7c69fa20aa4283dda9ec803506fefba2f2a00b0a82d96aee926aaae226e057659f71be0ad20928bd
SSDEEP

24576:vc1Rki5oL49C3R2/q4pgV0K8ouNu61KlND2StF0Ife:U1Rvos9C3v4Lo6l1KN6Sz0Ife

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a66cd4d52240f294aaa083b2d7c197b_JaffaCakes118

Files

5a66cd4d52240f294aaa083b2d7c197b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8278ca3b7dfc45bbabf97cd8c6b82d0c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

BackupEventLogA
BuildSecurityDescriptorA
ChangeServiceConfigA
CryptGetKeyParam
CryptSignHashA
RegOpenKeyA
RegQueryValueA
SetEntriesInAuditListA

kernel32

TransactNamedPipe

shlwapi

PathFileExistsA
SHRegOpenUSKeyA
UrlCombineA

user32

CreateIcon
DdeGetLastError
DefMDIChildProcA
DestroyMenu
GetDlgCtrlID
GetKeyboardLayoutList
GetSystemMenu
GetWindowWord
InsertMenuItemA

Sections

.fmze
Size: 638KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ror
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ozq
Size: 19KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.norih
Size: 512B - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lyt
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yrsj
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gdmhq
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tilip
Size: 48KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kja
Size: 123KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8278ca3b7dfc45bbabf97cd8c6b82d0c

Headers

File Characteristics

Imports

advapi32

kernel32

shlwapi

user32

Sections

.fmze Size: 638KB - Virtual size: 1.3MB

.ror Size: 6KB - Virtual size: 8KB

.ozq Size: 19KB - Virtual size: 27KB

.norih Size: 512B - Virtual size: 21KB

.lyt Size: 6KB - Virtual size: 15KB

.yrsj Size: 512B - Virtual size: 56B

.gdmhq Size: 512B - Virtual size: 24B

.tilip Size: 48KB - Virtual size: 77KB

.kja Size: 123KB - Virtual size: 1.7MB

.rsrc Size: 18KB - Virtual size: 20KB

.fmze
Size: 638KB - Virtual size: 1.3MB

.ror
Size: 6KB - Virtual size: 8KB

.ozq
Size: 19KB - Virtual size: 27KB

.norih
Size: 512B - Virtual size: 21KB

.lyt
Size: 6KB - Virtual size: 15KB

.yrsj
Size: 512B - Virtual size: 56B

.gdmhq
Size: 512B - Virtual size: 24B

.tilip
Size: 48KB - Virtual size: 77KB

.kja
Size: 123KB - Virtual size: 1.7MB

.rsrc
Size: 18KB - Virtual size: 20KB