939856500dfdd7ddcc058f444906a928_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

939856500dfdd7ddcc058f444906a928_JaffaCakes118
Size

165KB
MD5

939856500dfdd7ddcc058f444906a928
SHA1

76b49e15dfa9217da222660b9c5e8313aa21038b
SHA256

1c946f20944b794f416f491f49a53d74925c16392f8e7d3794b7a45e5f079d7a
SHA512

65c4e47bc25de2b4b0a4c84a2587900e95c90cd10ce385a5c439b3dc7f3e34dfe83e5633bbf9ea10553c15f3c768fc3fa860b61880d9b026955f91c7b85b39ef
SSDEEP

3072:unOb6hryQhrBybUIecpd11Ex7nuh83qxv+WiS9aQtrQd/XniG:cOOryQNEy211Ex6h83q8WUlFT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
939856500dfdd7ddcc058f444906a928_JaffaCakes118

Files

939856500dfdd7ddcc058f444906a928_JaffaCakes118
.exe windows:4 windows x86 arch:x86

175417b17995247ddfa05d1a982b042b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

traffic

TcEnumerateInterfaces
TcRegisterClient
TcOpenInterfaceW
TcDeregisterClient
TcQueryInterface
TcCloseInterface
TcQueryFlowW
TcEnumerateFlows

kernel32

GlobalMemoryStatusEx
GetTimeZoneInformation
GetModuleHandleW
GlobalLock
GetShortPathNameW
CreateSemaphoreW
GetUserDefaultUILanguage
IsBadWritePtr
GetPrivateProfileIntA
_lclose
WaitForSingleObject
TlsAlloc
ExitProcess
FindNextVolumeMountPointW
GetCommandLineW
HeapReAlloc
GetCurrentProcess
GetCurrentProcessId
AreFileApisANSI
GetCurrencyFormatW
VirtualAlloc
GetDiskFreeSpaceA

gdi32

SetROP2
MoveToEx
GetGlyphOutlineW
SetMetaFileBitsEx
SelectClipRgn
CreateDIBitmap
CloseFigure
CopyMetaFileA
GetDCOrgEx
ScaleViewportExtEx
SetGraphicsMode
ArcTo
ModifyWorldTransform
StrokePath
SetLayoutWidth
CreateBitmapIndirect
TranslateCharsetInfo

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 5KB - Virtual size: 655KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4.4MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbs
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

175417b17995247ddfa05d1a982b042b

Headers

File Characteristics

Imports

traffic

kernel32

gdi32

Sections

.text Size: 11KB - Virtual size: 10KB

.edata Size: 5KB - Virtual size: 655KB

.data Size: 4.4MB - Virtual size: 5.3MB

.tls Size: - Virtual size: 2KB

.textbs Size: 512B - Virtual size: 24B

.rsrc Size: 51KB - Virtual size: 50KB

.reloc Size: 1024B - Virtual size: 968B

.text
Size: 11KB - Virtual size: 10KB

.edata
Size: 5KB - Virtual size: 655KB

.data
Size: 4.4MB - Virtual size: 5.3MB

.tls
Size: - Virtual size: 2KB

.textbs
Size: 512B - Virtual size: 24B

.rsrc
Size: 51KB - Virtual size: 50KB

.reloc
Size: 1024B - Virtual size: 968B