6f92071661a18515500f14aa5dc059b2_JaffaCakes118

General

Target

6f92071661a18515500f14aa5dc059b2_JaffaCakes118
Size

216KB
MD5

6f92071661a18515500f14aa5dc059b2
SHA1

18f7650bd70f80d3d20a23a41a7130bf7ce8e363
SHA256

99fb021c9ab3ee6a4a14bd6732f652f6f19ea8a98ea6d7da5ef7082973bd9eaf
SHA512

b688c644e192a5cc010c2f5db4210d5a845ee885b32ad6718d70a52b121311aa3ce56300d3a155b62cf15b5811ed83f6e61cc75ef79802963cb316c18708ca57
SSDEEP

3072:VEPk+0fxZjisOBjcCsdDc4x7oAx0tP4gHSzMbVc7ypCzKeWeggmLiDT+7bL8GINn:mPk+Q/jiEu4x7oAmjNCc1egl97b6B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f92071661a18515500f14aa5dc059b2_JaffaCakes118

Files

6f92071661a18515500f14aa5dc059b2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2211727dcf199c5aba4b2c9ea3078011

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVDMCurrentDirectories
CreateSemaphoreA
GetUserDefaultUILanguage
DeleteTimerQueue
DeleteTimerQueueTimer
GetCommTimeouts
GetCurrentConsoleFont
SetComputerNameExA
GetCommandLineA
GetThreadPriorityBoost
lstrcmpA
GlobalSize
GetNamedPipeHandleStateA
SetEndOfFile
SetConsoleCursor
GetLogicalDriveStringsA
CommConfigDialogA
GetSystemDirectoryA
VirtualProtect
HeapCompact
GetFileAttributesA
GetVersionExA
CompareStringA
GetConsoleCursorInfo
GetPrivateProfileStringA
GetVersionExA
TransmitCommChar
GlobalFindAtomA
VerifyVersionInfoA
GetSystemTimes
GetConsoleOutputCP
OpenProcess
QueueUserAPC
OpenFileMappingA
GetWindowsDirectoryA
GetProcessVersion
GetEnvironmentStringsA
BuildCommDCBA
FindFirstVolumeA
GetProcessId
Module32First
GetProcessWorkingSetSize
ChangeTimerQueueTimer
VirtualAlloc
GetDevicePowerState
GetCurrentDirectoryA
GetCommMask
GetSystemPowerStatus
SetLocaleInfoA
SetConsoleScreenBufferSize
WaitForDebugEvent
GetTickCount
CopyFileA
SizeofResource
WriteConsoleOutputCharacterA
_hread
GetModuleHandleA
LZDone
SetVolumeLabelA
GetProcessShutdownParameters
ReleaseSemaphore
EnumTimeFormatsA
SetConsoleCP
GetConsoleCP
GlobalCompact
SetConsoleIcon

tapi32

lineAddProviderA

Exports

Exports

Odrjexbpqr
GetSuitwknetlk
Mpkyorthpdv
Xeknjlkyj
Wyhuflrkjt
Vgcejyjn

Sections

.itext
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 56KB - Virtual size: 673KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2211727dcf199c5aba4b2c9ea3078011

Headers

File Characteristics

Imports

kernel32

tapi32

Exports

Exports

Sections

.itext Size: - Virtual size: 1KB

.text Size: 56KB - Virtual size: 673KB

.idata Size: 76KB - Virtual size: 72KB

.rsrc Size: 80KB - Virtual size: 77KB

.itext
Size: - Virtual size: 1KB

.text
Size: 56KB - Virtual size: 673KB

.idata
Size: 76KB - Virtual size: 72KB

.rsrc
Size: 80KB - Virtual size: 77KB