8dc6b0087e3a02d61d86a6d42927f9d2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8dc6b0087e3a02d61d86a6d42927f9d2_JaffaCakes118
Size

397KB
MD5

8dc6b0087e3a02d61d86a6d42927f9d2
SHA1

e1c99c3a52ec4dcefcf1bfae4d86634b1116fb4d
SHA256

5c5f1f3be84de7de39d005f94310fd4611cff5137c935c4bb435ae321a795399
SHA512

39c3c2c875dac603844637131066d07d235e180a574cd7afb339505fa9019b1014dd5c6a895459af4b5e0a87d39b8adc55ded8bb0c6fa490dd96570524308311
SSDEEP

6144:B+C35FuJTlsFTWYf/wPQ5ha9DXEI+R7HojKDt4RH41jaKx52Rzm8tkxxv:AC3503sJ/wPplUBHWSyY1z8ibxv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8dc6b0087e3a02d61d86a6d42927f9d2_JaffaCakes118

Files

8dc6b0087e3a02d61d86a6d42927f9d2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

797d36f8fec1331fde564dcf4178596d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetCurrentThreadId
LoadLibraryA
VirtualProtect
GetModuleFileNameA
ExitProcess

user32

CharNextA
MessageBoxA

oleaut32

SysFreeString

advapi32

RegSetValueExA

ole32

OleInitialize

pstorec

PStoreCreateInstance

rasapi32

RasGetEntryDialParamsA

shell32

SHGetSpecialFolderPathA

crypt32

CryptUnprotectData

Sections

CODE
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp1
Size: - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp2
Size: 395KB - Virtual size: 394KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

797d36f8fec1331fde564dcf4178596d

Headers

File Characteristics

Imports

kernel32

user32

oleaut32

advapi32

ole32

pstorec

rasapi32

shell32

crypt32

Sections

CODE Size: - Virtual size: 44KB

DATA Size: - Virtual size: 544B

BSS Size: - Virtual size: 4KB

.idata Size: - Virtual size: 2KB

.tls Size: - Virtual size: 8B

.rdata Size: - Virtual size: 24B

.vmp0 Size: - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 230KB

.vmp1 Size: - Virtual size: 84KB

.vmp2 Size: 395KB - Virtual size: 394KB

.reloc Size: 512B - Virtual size: 136B

CODE
Size: - Virtual size: 44KB

DATA
Size: - Virtual size: 544B

BSS
Size: - Virtual size: 4KB

.idata
Size: - Virtual size: 2KB

.tls
Size: - Virtual size: 8B

.rdata
Size: - Virtual size: 24B

.vmp0
Size: - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 230KB

.vmp1
Size: - Virtual size: 84KB

.vmp2
Size: 395KB - Virtual size: 394KB

.reloc
Size: 512B - Virtual size: 136B