6128e27a7dd0bb2b8df65e002e73a0e1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6128e27a7dd0bb2b8df65e002e73a0e1_JaffaCakes118
Size

1.0MB
MD5

6128e27a7dd0bb2b8df65e002e73a0e1
SHA1

5c1b4702a959c6a6bbae10b76e104c424581215e
SHA256

2f49ff4339267c50c5e24838ca48dfeeb0a65a7770d58a9abd8972f524dc0356
SHA512

913aa42c213eced79612a8964780758ac1517eba90cd33acbbdd39760fa28118314cbcc37884a24bc7cc26c0f1fd83b384a0b22d9a34de5dba3d1361a0bb6a1e
SSDEEP

24576:73Klt/baS1aiKswU3Qil7+j476QJb2EzgAuPSjwchoXHhE:0t/GSVKfUA2+juXJb2EzgAuPSjwcuh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6128e27a7dd0bb2b8df65e002e73a0e1_JaffaCakes118

Files

6128e27a7dd0bb2b8df65e002e73a0e1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1c372311534116eeffdf56f3f6c69c5c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
ExitProcess
GetProcAddress

user32

wsprintfA
MessageBoxA

Exports

Exports

SetExtChangeZip
UnZipData
UnZipDataToDirectory
UnZipDataToFile
UnZipFile
ZipData
ZipFile
_CloseD3d@0
_InitD3D@4
_smPlayD3D@24
fcEXP

Sections

.text
Size: 739KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 207KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 66KB - Virtual size: 62.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.exp
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

KPTTrans
Size: 9KB - Virtual size: 1024KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.IDATA
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.IIDKing
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.NewIT
Size: 512B - Virtual size: 12KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.exp
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Trans
Size: 2KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nPack
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1c372311534116eeffdf56f3f6c69c5c

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 739KB - Virtual size: 1.8MB

.rdata Size: 207KB - Virtual size: 208KB

.data Size: 66KB - Virtual size: 62.2MB

.rsrc Size: 13KB - Virtual size: 164KB

.exp Size: 1KB - Virtual size: 4KB

KPTTrans Size: 9KB - Virtual size: 1024KB

.IDATA Size: 512B - Virtual size: 8KB

.IIDKing Size: 512B - Virtual size: 4KB

.NewIT Size: 512B - Virtual size: 12KB

.exp Size: 1KB - Virtual size: 4KB

.Trans Size: 2KB - Virtual size: 52KB

.nPack Size: 4KB - Virtual size: 4KB

.text
Size: 739KB - Virtual size: 1.8MB

.rdata
Size: 207KB - Virtual size: 208KB

.data
Size: 66KB - Virtual size: 62.2MB

.rsrc
Size: 13KB - Virtual size: 164KB

.exp
Size: 1KB - Virtual size: 4KB

KPTTrans
Size: 9KB - Virtual size: 1024KB

.IDATA
Size: 512B - Virtual size: 8KB

.IIDKing
Size: 512B - Virtual size: 4KB

.NewIT
Size: 512B - Virtual size: 12KB

.exp
Size: 1KB - Virtual size: 4KB

.Trans
Size: 2KB - Virtual size: 52KB

.nPack
Size: 4KB - Virtual size: 4KB