5a70d7c7e65a5e61eb85e099beb7c51e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5a70d7c7e65a5e61eb85e099beb7c51e_JaffaCakes118
Size

4.8MB
MD5

5a70d7c7e65a5e61eb85e099beb7c51e
SHA1

ab29e67c36b9b7f57199d2982a13f42ee58a49c5
SHA256

6523d8a94ad12f5fb509b8018ab1cf79838e856755a8e5679adcf4a308e1535c
SHA512

ca0cd3ff75f93105429361d78d5647c8d6897ca9fe6264723b93987e4270510ffd2c2cfe6ac24da1ca495c81af01ca7a7869af6b4c71a7218ecf37a0dbe6ba7b
SSDEEP

49152:FsMdsXOyv3mlQhX/iNQyYCJ4qcFcqMgETTGWVIRe9B3CQAeTPjfhQnYJNz2A0L7F:Ffgu5YCyFMgZRRIN7xtlKJL+xxtQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a70d7c7e65a5e61eb85e099beb7c51e_JaffaCakes118

Files

5a70d7c7e65a5e61eb85e099beb7c51e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ae604241bd2f7e7ca0a9083e2e20a0b8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrlenW
GetProcAddress
GetProcessWorkingSetSize
VirtualLock
OpenProcess
EnumDateFormatsW
GetCurrentThreadId
LocalFree
ResumeThread
GetCurrentProcess
SetUnhandledExceptionFilter
GetModuleHandleA
ExitProcess

user32

GetClassInfoExW
MessageBoxA
CreateWindowExA
GetClassNameW
RegisterClassW

advapi32

OpenProcessToken

psapi

GetProcessMemoryInfo

Sections

i
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

V
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

b
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

b
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RSRC
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

b
Size: 2KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

nQ2
Size: 130KB - Virtual size: 128KB

IMAGE_SCN_MEM_READ

dkB
Size: 194KB - Virtual size: 192KB

IMAGE_SCN_MEM_READ

cso
Size: 194KB - Virtual size: 192KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae604241bd2f7e7ca0a9083e2e20a0b8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

psapi

Sections

i Size: 2KB - Virtual size: 4KB

V Size: 2KB - Virtual size: 4KB

b Size: 2KB - Virtual size: 4KB

.tls Size: 2KB - Virtual size: 4KB

b Size: 2KB - Virtual size: 4KB

.RSRC Size: 1.8MB - Virtual size: 1.8MB

b Size: 2KB - Virtual size: 1.7MB

nQ2 Size: 130KB - Virtual size: 128KB

dkB Size: 194KB - Virtual size: 192KB

cso Size: 194KB - Virtual size: 192KB

i
Size: 2KB - Virtual size: 4KB

V
Size: 2KB - Virtual size: 4KB

b
Size: 2KB - Virtual size: 4KB

.tls
Size: 2KB - Virtual size: 4KB

b
Size: 2KB - Virtual size: 4KB

.RSRC
Size: 1.8MB - Virtual size: 1.8MB

b
Size: 2KB - Virtual size: 1.7MB

nQ2
Size: 130KB - Virtual size: 128KB

dkB
Size: 194KB - Virtual size: 192KB

cso
Size: 194KB - Virtual size: 192KB