a11efbf5143208fee93648c67d5b178b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a11efbf5143208fee93648c67d5b178b_JaffaCakes118
Size

182KB
MD5

a11efbf5143208fee93648c67d5b178b
SHA1

263eb86d782398b8d581e45518650e6eb98b1acd
SHA256

41b4f16de6ed910308b6e9731ad7e0fc05e1e9f04afdb62551dbd197d556e1f2
SHA512

345c71959988cdbc45425542a32c3813031d546efecd6bc28c7c424949b8584abcc52ab60005e259e7d477501e372595fc94c7ae813c6e08956989570dca0448
SSDEEP

768:JiSzQdFlfPmOYteHlPHGLoxQ9C3X1FkK6HSiyAvBbWIWIZHEAnFfUlsTOur+O9md:ROYoHRBxQ9gNiXvlXppNnZssZrTVUcFg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a11efbf5143208fee93648c67d5b178b_JaffaCakes118

Files

a11efbf5143208fee93648c67d5b178b_JaffaCakes118
.exe windows:1 windows x86 arch:x86

c842b5df6a541364ce5668d6bde0d75c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyW
LeaveCriticalSection
InitializeCriticalSection
GetStartupInfoW
GetCommandLineW
MultiByteToWideChar
VirtualAlloc
FormatMessageW
SetEvent
MultiByteToWideChar
Sleep
FreeLibrary
GetCurrentProcessId
VirtualFree
Sleep
MultiByteToWideChar
MultiByteToWideChar
SetLastError
HeapDestroy
VirtualAlloc
lstrcpyW
LocalFree
GetCurrentProcessId
HeapFree
SetLastError
VirtualFree
GetStartupInfoW
GetCurrentThreadId
WriteFile
LeaveCriticalSection
GetCurrentProcess
CreateThread
lstrcpyW
CreateFileW
InitializeCriticalSection
HeapAlloc
GetCurrentProcessId
QueryPerformanceCounter
FreeLibrary
GetCurrentProcessId
LocalAlloc
LocalAlloc
GetStartupInfoW
LoadLibraryA
GetModuleFileNameA

Sections

.vwpa
Size: 170KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.aibq
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wuwm
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udjt
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pgpl
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.baat
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qlgk
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nvkn
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c842b5df6a541364ce5668d6bde0d75c

Headers

File Characteristics

Imports

kernel32

Sections

.vwpa Size: 170KB - Virtual size: 260KB

.aibq Size: 512B - Virtual size: 4KB

.data Size: 1024B - Virtual size: 4KB

.wuwm Size: 512B - Virtual size: 4KB

.udjt Size: 1KB - Virtual size: 4KB

.pgpl Size: 512B - Virtual size: 4KB

.baat Size: 3KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 4KB

.qlgk Size: 1024B - Virtual size: 4KB

.nvkn Size: 1024B - Virtual size: 4KB

.vwpa
Size: 170KB - Virtual size: 260KB

.aibq
Size: 512B - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 4KB

.wuwm
Size: 512B - Virtual size: 4KB

.udjt
Size: 1KB - Virtual size: 4KB

.pgpl
Size: 512B - Virtual size: 4KB

.baat
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 4KB

.qlgk
Size: 1024B - Virtual size: 4KB

.nvkn
Size: 1024B - Virtual size: 4KB