6983980a4bda61fdb6f877696c273073_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6983980a4bda61fdb6f877696c273073_JaffaCakes118
Size

50KB
MD5

6983980a4bda61fdb6f877696c273073
SHA1

e8c65358ddfd76ab60a0e2bb08800b8917223566
SHA256

fe03497204cb296d3c6a0b17cef209c7d2d44c32775bb386daedaf340678580e
SHA512

55ad17d03ce5e9d9e57f7236d4997f3aa523ad311d92cfb3364bf5cfa452d4ef1e0fba489aa7295526dc7711cea32aecd9c1809f8b73be2d4153b151c0f6b2c9
SSDEEP

384:kLgubgqUMNeLNek+vD+5giEyV/X/diEDc30IlT3y6iIEQUOFgj:2u0yrOjT34IEogj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6983980a4bda61fdb6f877696c273073_JaffaCakes118

Files

6983980a4bda61fdb6f877696c273073_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cb3e5b467d84bf8e64f2f8f6987a32b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeConsole
LoadLibraryExW
GetCommandLineA
CloseHandle
CreateMutexA
GetDriveTypeA
GetTickCount
EnumResourceTypesA
ReleaseMutex
FindClose
SetLastError
DeleteCriticalSection
GetDiskFreeSpaceExW
GetLastError
GetModuleHandleA
VirtualProtect
TlsGetValue
GetExitCodeProcess
GetComputerNameA
Sleep

shell32

ShellAboutA
SHFree
DuplicateIcon
ShellMessageBoxA
ExtractIconA
SHGetDiskFreeSpaceA
DragFinish
DllUnregisterServer
DragQueryFileA
DragAcceptFiles
StrChrA
SHGetMalloc
SHGetSettings

printui

bPrinterSetup
bFolderGetPrinter
vPrinterPropPages
vQueueCreate
PnPInterface

user32

MessageBoxA

Sections

.text
Size: 1024B - Virtual size: 632B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

uwicbyk
Size: - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fgzfpmv
Size: - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ngbdeth
Size: - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qupmpxs
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cb3e5b467d84bf8e64f2f8f6987a32b3

Headers

File Characteristics

Imports

kernel32

shell32

printui

user32

Sections

.text Size: 1024B - Virtual size: 632B

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 522B

.rsrc Size: 44KB - Virtual size: 78KB

uwicbyk Size: - Virtual size: 30KB

fgzfpmv Size: - Virtual size: 34KB

ngbdeth Size: - Virtual size: 34KB

qupmpxs Size: - Virtual size: 6KB

.text
Size: 1024B - Virtual size: 632B

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 522B

.rsrc
Size: 44KB - Virtual size: 78KB

uwicbyk
Size: - Virtual size: 30KB

fgzfpmv
Size: - Virtual size: 34KB

ngbdeth
Size: - Virtual size: 34KB

qupmpxs
Size: - Virtual size: 6KB