867193347aec559116a158676a3a3345_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

867193347aec559116a158676a3a3345_JaffaCakes118
Size

246KB
MD5

867193347aec559116a158676a3a3345
SHA1

de0d149b0c8af57b8db8495f6be96efa519012e0
SHA256

41a68c3838213aaadc8b2944a9e14137a7583851527ebc047c092aa29c01a513
SHA512

60a44a64beff423de49491caacdb9669833f3dc7418f79432ec41f5a76fbb42872eaf0fbc87daf5f35863754412136b7175e83b60ba327cdebec1bc3b77709ba
SSDEEP

6144:LPN6fomEP1dQSVXDbOOvLd60vw+/XYB0lb:LPwfomEtKSVzDvBZvb/5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
867193347aec559116a158676a3a3345_JaffaCakes118

Files

867193347aec559116a158676a3a3345_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cb20890f280f79482389f27d57ed751b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
HeapFree
GetModuleHandleW
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsSetValue
SetLastError
GetCurrentThreadId
WideCharToMultiByte
RtlUnwind
HeapAlloc
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringW
SetFilePointer
IsProcessorFeaturePresent
CloseHandle
WriteConsoleW
SetStdHandle
CreateFileW
BeginUpdateResourceW
GetProcAddress

riched20

CreateTextServices

dsdmo

DllUnregisterServer

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.wn
Size: 512B - Virtual size: 313B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vZLqt
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.euXasO
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.k
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eQNXTi
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 214KB - Virtual size: 342KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aF
Size: 512B - Virtual size: 225B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb20890f280f79482389f27d57ed751b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

riched20

dsdmo

Sections

.text Size: 18KB - Virtual size: 17KB

.wn Size: 512B - Virtual size: 313B

.vZLqt Size: 2KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 1KB

.euXasO Size: 2KB - Virtual size: 2KB

.k Size: 1024B - Virtual size: 1KB

.eQNXTi Size: 1024B - Virtual size: 1KB

.data Size: 214KB - Virtual size: 342KB

.aF Size: 512B - Virtual size: 225B

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 18KB - Virtual size: 17KB

.wn
Size: 512B - Virtual size: 313B

.vZLqt
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.euXasO
Size: 2KB - Virtual size: 2KB

.k
Size: 1024B - Virtual size: 1KB

.eQNXTi
Size: 1024B - Virtual size: 1KB

.data
Size: 214KB - Virtual size: 342KB

.aF
Size: 512B - Virtual size: 225B

.rsrc
Size: 4KB - Virtual size: 4KB