5b35edfe3184b3d62a9f0dc4949b679a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5b35edfe3184b3d62a9f0dc4949b679a_JaffaCakes118
Size

440KB
MD5

5b35edfe3184b3d62a9f0dc4949b679a
SHA1

920e4fef3b916440e252ac532647d3d498dbfac5
SHA256

260402d5f57d5afc657444ba6796985a7a286faf4af777fd36f5810aa1ef7d7a
SHA512

4f38bb33ad4b032345bcc093b6a9c3ca4b81a6f53052378460579d44861f6aa537cea8caf1f0af0635e7d950fbdec2a23b01a91b412aa8bd077da19a6b1612a2
SSDEEP

6144:ZwvOOdt0J4WwW3/Mmnc2n+JTf/8PdQ7l6hck6pkmRoKD5CS:ZwBdt0UW3/Mmncu+JTfhJ6hN3Mh5C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b35edfe3184b3d62a9f0dc4949b679a_JaffaCakes118

Files

5b35edfe3184b3d62a9f0dc4949b679a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8db49d296ce7c896cbbc0bfa568f9a69

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHEnumKeyExA
UrlCanonicalizeA

kernel32

SetComputerNameExA
ExitProcess
GetComputerNameA
GetBinaryTypeA
GetFileType
CallNamedPipeA
BackupSeek
BackupRead
lstrcmpA
lstrlenW
lstrlenA
SetCurrentDirectoryA
HeapFree
GetDriveTypeW
GetDriveTypeA
GetSystemDirectoryA
GetComputerNameW
GetCurrentDirectoryW
HeapAlloc
GetProcessHeap
FlushViewOfFile

advapi32

GetUserNameA

winmm

DrvGetModuleHandle
mmioOpenA

Exports

Exports

qhuc

Sections

.code
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 368KB - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8db49d296ce7c896cbbc0bfa568f9a69

Headers

File Characteristics

Imports

shlwapi

kernel32

advapi32

winmm

Exports

Exports

Sections

.code Size: 40KB - Virtual size: 36KB

.rdata Size: 4KB - Virtual size: 948B

.data Size: 368KB - Virtual size: 365KB

.data Size: 4KB - Virtual size: 1B

.reloc Size: 4KB - Virtual size: 1B

.rsrc Size: 4KB - Virtual size: 1B

.rdata Size: 4KB - Virtual size: 1B

.rsrc Size: 4KB - Virtual size: 792B

.reloc Size: 4KB - Virtual size: 1KB

.code
Size: 40KB - Virtual size: 36KB

.rdata
Size: 4KB - Virtual size: 948B

.data
Size: 368KB - Virtual size: 365KB

.data
Size: 4KB - Virtual size: 1B

.reloc
Size: 4KB - Virtual size: 1B

.rsrc
Size: 4KB - Virtual size: 1B

.rdata
Size: 4KB - Virtual size: 1B

.rsrc
Size: 4KB - Virtual size: 792B

.reloc
Size: 4KB - Virtual size: 1KB