8e778fb1c21a6703323a949f5b2b292b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8e778fb1c21a6703323a949f5b2b292b_JaffaCakes118
Size

13KB
MD5

8e778fb1c21a6703323a949f5b2b292b
SHA1

ab693cf13c998e0492cec00d6122b973d2755f49
SHA256

542a98f48d1193bf87c5cf8618cb59d8640d344bf595f7b5e6d5ba20312c283b
SHA512

510ee9f2e4181c5e1456545c05491509623868ffb6642a8fa38d0905a766067bcfff477bc7c99e7231a50085438c36b4520c726958e7dfcac0b917c113ed6e5c
SSDEEP

192:ywsKk04OZFs1mFJZXyl/vtZeD5597qBpjtKGY/NhI3:ywds1mHJyl/lgDh76jYFH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e778fb1c21a6703323a949f5b2b292b_JaffaCakes118

Files

8e778fb1c21a6703323a949f5b2b292b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

af60684d52ee51aa2e8a913af2c6d66c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA

mfc70

ord1097

msvcr70

__dllonexit
_onexit
??1type_info@@UAE@XZ
_c_exit
_exit
_XcptFilter
_cexit
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
_controlfp
_except_handler3
__CxxFrameHandler
_amsg_exit

rmsserv

ord344
ord433
ord345

rmscore

ord147
ord81
ord151
ord842
ord846
ord844
ord840
ord263
ord590
ord86
ord14

rmsextn

ord540
ord607
ord430

v6ss_lib

ord114

rmswnd

ord646
ord426
ord1522
ord438
ord542
ord1049
ord1051
ord1053
ord1057
ord1630
ord845
ord449
ord875
ord415
ord73
ord190
ord187
ord344
ord70
ord333
ord91
ord1597
ord1520
ord520
ord539
ord1048
ord1050
ord1052
ord1629
ord844
ord414
ord36
ord153
ord1103
ord1004
ord432
ord408
ord334
ord498
ord791
ord779
ord1144
ord378
ord514
ord513
ord547
ord504
ord474
ord575
ord851
ord792
ord787
ord1189
ord463
ord1155
ord305
ord1193
ord615
ord1199
ord1201
ord961
ord1055
ord930
ord1028
ord846
ord548
ord530
ord468
ord1361
ord1360
ord806
ord660
ord544
ord1126
ord1350
ord1112
ord1110
ord716
ord905
ord1493
ord909
ord271
ord418
ord1173
ord60
ord316
ord76
ord177
ord628
ord42
ord1598
ord381
ord447

v6iv_lib

ord44
ord47

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af60684d52ee51aa2e8a913af2c6d66c

Headers

File Characteristics

Imports

kernel32

mfc70

msvcr70

rmsserv

rmscore

rmsextn

v6ss_lib

rmswnd

v6iv_lib

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB