665b0ef1e35e6584b25c854bb2dcb5eb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

665b0ef1e35e6584b25c854bb2dcb5eb_JaffaCakes118
Size

242KB
MD5

665b0ef1e35e6584b25c854bb2dcb5eb
SHA1

0e1c7ba3f85dbd4d7e6a3b18b0bdc1b68dfc230f
SHA256

ff3a8d03f2fccf9172b0633451fcd648906f5d7e4fabb69110eb443296d2a72e
SHA512

3403e29c47f1203b7a27a54a6527545d44a869b956912b9eec83930fd40ba4e5c442a2fb42b55c4e06df77c76a7967bbe04a91ff314bd65ded118ab08f459594
SSDEEP

6144:F6h4L7744MTFcieZjBPpFpdEqaHuMbRnXY3Qnk:Fk4/E9cie9RE7NnXDk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
665b0ef1e35e6584b25c854bb2dcb5eb_JaffaCakes118

Files

665b0ef1e35e6584b25c854bb2dcb5eb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

51fc2db3975da75ae478d95a60d93578

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
EnterCriticalSection
DisableThreadLibraryCalls
DeleteCriticalSection
SleepEx
SetLastError
FreeLibrary
ExpandEnvironmentStringsA
FormatMessageA
WaitForSingleObject
CloseHandle
LoadLibraryExW
GetModuleHandleW
RaiseException
LocalAlloc
LocalFree
GetCurrentThreadId
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
LoadLibraryA
VirtualAllocEx

esent

JetCreateInstance

kbdtat

KbdLayerDescriptor

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.OlVGJi
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BJNZZ
Size: 1024B - Virtual size: 957B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pLumyk
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 846B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tLCI
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 213KB - Virtual size: 390KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shZK
Size: 512B - Virtual size: 249B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

51fc2db3975da75ae478d95a60d93578

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

esent

kbdtat

Sections

.text Size: 17KB - Virtual size: 16KB

.OlVGJi Size: 1KB - Virtual size: 1KB

.BJNZZ Size: 1024B - Virtual size: 957B

.pLumyk Size: 1024B - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 846B

.tLCI Size: 2KB - Virtual size: 3KB

.data Size: 213KB - Virtual size: 390KB

.shZK Size: 512B - Virtual size: 249B

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 17KB - Virtual size: 16KB

.OlVGJi
Size: 1KB - Virtual size: 1KB

.BJNZZ
Size: 1024B - Virtual size: 957B

.pLumyk
Size: 1024B - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 846B

.tLCI
Size: 2KB - Virtual size: 3KB

.data
Size: 213KB - Virtual size: 390KB

.shZK
Size: 512B - Virtual size: 249B

.rsrc
Size: 3KB - Virtual size: 3KB