63620652098d1b99cabcbb935a817fee_JaffaCakes118

General

Target

63620652098d1b99cabcbb935a817fee_JaffaCakes118
Size

152KB
MD5

63620652098d1b99cabcbb935a817fee
SHA1

2954a0394587d78d7e219ae54d15f0f52bcbdd03
SHA256

27dbb6d35ded4782eee0e70cbc7612cd4f9a9a238203540224de81b4a54a7be3
SHA512

4e525e43029c6b406d481649178d2bd79770c30b399750695871a82e50bbf8b657b0e8d2ce045d71eb64973a3449a820c30527a5f9b74c9669a6806e2f5f6731
SSDEEP

3072:Q+2NKmnePqtVheazseLa3gl9cm0kgI4FtmOwwH18856iP5PbQnyav7kVtnqDDDUE:QpKmeCtKMHIYum0pmu7511boRytqDDDH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63620652098d1b99cabcbb935a817fee_JaffaCakes118

Files

63620652098d1b99cabcbb935a817fee_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7ca43e8ef4c1342a017109a50f56f1d4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
VirtualProtect
VirtualProtectEx
CreateProcessA
GetStartupInfoW
WriteProcessMemory
CreateProcessW
VirtualProtect
GetSystemTime
LoadLibraryA
GetProcAddress
LoadLibraryA
VirtualProtect
GetProfileIntA
SetThreadPriority
WriteProcessMemory
TerminateProcess
ReadProcessMemory
LoadLibraryA
WaitForSingleObject
LoadLibraryExA
CreateFileA
LoadLibraryExA
VirtualProtect
VirtualProtectEx

inseng

GetICifRWFileFromFile
GetICifFileFromFile
GetICifRWFileFromFile
PurgeDownloadDirectory
GetICifRWFileFromFile
GetICifRWFileFromFile
GetICifRWFileFromFile

Sections

.text
Size: 143KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mesia
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mesia
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mesia
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mesia
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ca43e8ef4c1342a017109a50f56f1d4

Headers

File Characteristics

Imports

kernel32

inseng

Sections

.text Size: 143KB - Virtual size: 184KB

.data Size: 4KB - Virtual size: 4KB

.mesia Size: 512B - Virtual size: 4KB

.mesia Size: 512B - Virtual size: 4KB

.mesia Size: 512B - Virtual size: 4KB

.mesia Size: 512B - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 143KB - Virtual size: 184KB

.data
Size: 4KB - Virtual size: 4KB

.mesia
Size: 512B - Virtual size: 4KB

.mesia
Size: 512B - Virtual size: 4KB

.mesia
Size: 512B - Virtual size: 4KB

.mesia
Size: 512B - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 1KB