863be405215b3fa15585a57e320fc2f9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

863be405215b3fa15585a57e320fc2f9_JaffaCakes118
Size

60KB
MD5

863be405215b3fa15585a57e320fc2f9
SHA1

0b96d269fbddd264dd772b11abd407b0da9eac1f
SHA256

593a253129a93af567171fd297102b7ef72dedb99b845a3862972fa805d0908d
SHA512

c6363814f05eb6a48f90e5dd4fa95ae8e0b00881843e941e9d762aeb441d52a0bf7f96519e6bed037f8e548ede07d83d2329982714f8b35faa2d77e9182c4402
SSDEEP

768:7VX9LLHPFKDeaYwuhwt1dxnYzGZa30WhHLh1iCxwXsSYXrl0v0Avs/h9+wsz:7VX9LjPUOPCt/GzGZakOi8w9Yy0Avs6N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
863be405215b3fa15585a57e320fc2f9_JaffaCakes118

Files

863be405215b3fa15585a57e320fc2f9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9b17a8dc7591bff19f1a407e780255f1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
InterlockedIncrement
GetModuleHandleA
GetStartupInfoA

pk75

ord8732
ord8344
ord8950
ord2705
ord5373
ord4582
ord7960
ord8591
ord3818
ord3829
ord2698
ord2792
ord7211
ord4323
ord6436
ord5040
ord3826
ord8233
ord9385
ord4920
ord5617
ord9436
ord1751
ord5967
ord9519
ord455
ord2789
ord378
ord8049
ord1254
ord9113
ord5640
ord2031
ord322
ord2569
ord130
ord899
ord4160
ord8718
ord2867
ord8348
ord5019
ord6840
ord6016
ord1682
ord4304
ord8401
ord6848
ord7326
ord1195
ord1419
ord4424
ord1775
ord417
ord8961
ord8072
ord8662
ord7691
ord5892
ord1041
ord4174
ord554
ord414
ord4368
ord7556
ord8692
ord6846
ord8836
ord5306
ord1495
ord7033
ord9086
ord5298
ord267
ord3992
ord8564
ord5810
ord2787
ord693
ord687
ord9075
ord6134
ord76
ord5854
ord1641
ord7309
ord864
ord926
ord818
ord8128
ord517
ord8181
ord6753
ord8206
ord8452
ord3242
ord7670
ord639
ord546
ord7653
ord9420
ord2997
ord4521
ord8915
ord2390
ord6051
ord8137
ord6619
ord7733

msvcr71

_controlfp
__dllonexit
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
??1type_info@@UAE@XZ
_except_handler3
?terminate@@YAXXZ
__CxxLongjmpUnwind
_setjmp3
strlen
memcmp
_purecall
_CxxThrowException
??2@YAPAXI@Z
??3@YAXPAX@Z
__CxxFrameHandler
_onexit

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

CONST
Size: 1024B - Virtual size: 513B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

xdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

text
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_DATA
Size: 512B - Virtual size: 150B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9b17a8dc7591bff19f1a407e780255f1

Headers

File Characteristics

Imports

kernel32

pk75

msvcr71

Sections

.text Size: 8KB - Virtual size: 7KB

CONST Size: 1024B - Virtual size: 513B

_TEXT Size: 21KB - Virtual size: 21KB

xdata Size: 1KB - Virtual size: 1KB

text Size: 1024B - Virtual size: 944B

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 184B

_DATA Size: 512B - Virtual size: 150B

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 8KB - Virtual size: 7KB

CONST
Size: 1024B - Virtual size: 513B

_TEXT
Size: 21KB - Virtual size: 21KB

xdata
Size: 1KB - Virtual size: 1KB

text
Size: 1024B - Virtual size: 944B

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 184B

_DATA
Size: 512B - Virtual size: 150B

.rsrc
Size: 20KB - Virtual size: 19KB