95b0af46686ee6c134f6c734503b6dee_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

95b0af46686ee6c134f6c734503b6dee_JaffaCakes118
Size

116KB
MD5

95b0af46686ee6c134f6c734503b6dee
SHA1

8a594bbd1a20c2882eac44f70a5422635aadfa9f
SHA256

38d29c34c4f92554eefdc012b249889b162d18d48b0977d235a3993b0df7cc3a
SHA512

18d2b7eee1c6285419bdbad888d420445e4084edd6f83ee138b18a6e081c1c773b4b088ff771a6ab6d52b69189d786a2100637183d83f18c2aecc7aeed495567
SSDEEP

768:KU0Dm/QES+c3blYRCmFL0VcWmbV4KLw5Y/pJtDv8p9JS4tFs/v55:br/k3blmiVfm54q98pvS6Fs3H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95b0af46686ee6c134f6c734503b6dee_JaffaCakes118

Files

95b0af46686ee6c134f6c734503b6dee_JaffaCakes118
.exe windows:1 windows x86 arch:x86

5124546e2115ea028e87565e14c0b7e5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
GetCommandLineA
LoadLibraryW
HeapAlloc
TerminateProcess
InterlockedDecrement
Sleep
FormatMessageW
WriteFile
LoadLibraryW
CreateThread
UnhandledExceptionFilter
EnterCriticalSection
GetStartupInfoW
MultiByteToWideChar
GetStartupInfoW
VirtualAlloc
lstrlenW
GetProcAddress
lstrlenW
FreeLibrary
GetProcAddress
WriteFile
UnhandledExceptionFilter
InitializeCriticalSection
InterlockedDecrement
FormatMessageW
GetProcAddress
SetUnhandledExceptionFilter
GetModuleHandleW
FreeLibrary
LocalFree
HeapFree
HeapReAlloc
HeapDestroy
HeapReAlloc
ExitProcess
LocalAlloc
SetLastError
GetACP
EnterCriticalSection
CreateFileW
LocalFree
GetVersionExA
FreeLibrary
UnhandledExceptionFilter
FreeLibrary
SetUnhandledExceptionFilter
SetEvent
MultiByteToWideChar
SetLastError
lstrcpyW
GetProcessHeap
SetLastError
GetACP
GetVersionExA
LoadLibraryA
GetSystemTimeAsFileTime
lstrlenW
WaitForSingleObject
InterlockedDecrement
CloseHandle
LocalAlloc
LoadLibraryW
GetVersionExA
GetStartupInfoW
lstrcpyW
LocalFree
WriteFile
CloseHandle
GetModuleHandleW
GetModuleHandleW
FormatMessageW
FormatMessageW
GetCommandLineA
LeaveCriticalSection
HeapFree
SetLastError
GetACP
ReadFile
QueryPerformanceCounter
SetFilePointer
TerminateProcess
GetTickCount
SetLastError
SetUnhandledExceptionFilter
WideCharToMultiByte
EnterCriticalSection
ExitProcess
GetModuleHandleA
SetEvent
SetEvent
LeaveCriticalSection
lstrlenW
CreateThread
WideCharToMultiByte
WaitForSingleObject
GetModuleFileNameA
LocalFree
lstrcmpiW

Sections

.qxyb
Size: 102KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.nofi
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ixfs
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.icco
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mjjs
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qsas
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fegj
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.biea
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lsis
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5124546e2115ea028e87565e14c0b7e5

Headers

File Characteristics

Imports

kernel32

Sections

.qxyb Size: 102KB - Virtual size: 120KB

.nofi Size: 1024B - Virtual size: 4KB

.ixfs Size: 512B - Virtual size: 4KB

.icco Size: 512B - Virtual size: 4KB

.mjjs Size: 3KB - Virtual size: 4KB

.qsas Size: 512B - Virtual size: 4KB

.fegj Size: 3KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 4KB

.biea Size: 1024B - Virtual size: 4KB

.lsis Size: 1024B - Virtual size: 4KB

.qxyb
Size: 102KB - Virtual size: 120KB

.nofi
Size: 1024B - Virtual size: 4KB

.ixfs
Size: 512B - Virtual size: 4KB

.icco
Size: 512B - Virtual size: 4KB

.mjjs
Size: 3KB - Virtual size: 4KB

.qsas
Size: 512B - Virtual size: 4KB

.fegj
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 4KB

.biea
Size: 1024B - Virtual size: 4KB

.lsis
Size: 1024B - Virtual size: 4KB