8c797d35a3b1339a97fc5bacf6f91fe3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8c797d35a3b1339a97fc5bacf6f91fe3_JaffaCakes118
Size

100KB
MD5

8c797d35a3b1339a97fc5bacf6f91fe3
SHA1

f7cfe2f8660b1db217ab61a59ef8af8ba554552a
SHA256

ff016d8ef66111d4b9cf8e183da5e48db05f91e76b2c8bf8cd9a99b053a4895d
SHA512

2a233cf7b28ecba6620186e1ec608ee50443d88c517c7952adea730d3c0501f3568dfc422cf53b1299b20bd4fd05687a4e062b4d55b58e2abdc9425fd46b7068
SSDEEP

1536:mJzf8WYTW+0iMc5/qSRwNGBfsET1eFNB0c:m50Nf5/7wwB5o/J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c797d35a3b1339a97fc5bacf6f91fe3_JaffaCakes118

Files

8c797d35a3b1339a97fc5bacf6f91fe3_JaffaCakes118
.exe windows:1 windows x86 arch:x86

7d5359bbfb16e1673de25c59797d8c99

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
InterlockedIncrement
ReadFile
HeapAlloc
LeaveCriticalSection
DeleteCriticalSection
lstrlenW
lstrcmpiW
GetProcessHeap
GetLastError
SetEvent
FreeLibrary
LoadLibraryW
VirtualAlloc
CloseHandle
GetModuleFileNameA
LoadLibraryA
GetModuleFileNameA
GetProcessHeap
ExitProcess
SetUnhandledExceptionFilter
VirtualFree
GetModuleFileNameA
DeleteCriticalSection
LoadLibraryW

Sections

.dmyh
Size: 87KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qefb
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gppg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fbwg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pffn
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eqng
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.krea
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wuwt
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.duxm
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7d5359bbfb16e1673de25c59797d8c99

Headers

File Characteristics

Imports

kernel32

Sections

.dmyh Size: 87KB - Virtual size: 104KB

.qefb Size: 1024B - Virtual size: 4KB

.gppg Size: 512B - Virtual size: 4KB

.fbwg Size: 512B - Virtual size: 4KB

.pffn Size: 1024B - Virtual size: 4KB

.eqng Size: 512B - Virtual size: 4KB

.krea Size: 3KB - Virtual size: 3KB

.rsrc Size: 2KB - Virtual size: 4KB

.wuwt Size: 1024B - Virtual size: 4KB

.duxm Size: 1024B - Virtual size: 4KB

.dmyh
Size: 87KB - Virtual size: 104KB

.qefb
Size: 1024B - Virtual size: 4KB

.gppg
Size: 512B - Virtual size: 4KB

.fbwg
Size: 512B - Virtual size: 4KB

.pffn
Size: 1024B - Virtual size: 4KB

.eqng
Size: 512B - Virtual size: 4KB

.krea
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 2KB - Virtual size: 4KB

.wuwt
Size: 1024B - Virtual size: 4KB

.duxm
Size: 1024B - Virtual size: 4KB