a261d4b04a7c55188a0e20861da35b3d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a261d4b04a7c55188a0e20861da35b3d_JaffaCakes118
Size

192KB
MD5

a261d4b04a7c55188a0e20861da35b3d
SHA1

c6d2de31bbf91cfaa5b1ff7bc90a5045bcc5ae42
SHA256

636075b14451df1840eacda0ebd7cb6bf1eeb74deb5a2983cbfeda2020b25587
SHA512

ad533c71956d1baa8308225bc5be7c7031cc5953d2ab32d5b70d77431ab9b5e99ae3faaf3a2b65681f8f29ca7babaea8a70834f810a0b5b85af9eacb7ccd01ad
SSDEEP

3072:BifuBx3Td6ky2nCvQSfW631YJypVjCULNXoUZDufv:wfo93Jn0BW632++UZDuf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a261d4b04a7c55188a0e20861da35b3d_JaffaCakes118

Files

a261d4b04a7c55188a0e20861da35b3d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

86088b907be48ce3a952752cc63eb0dc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetCurrentProcessId
GetOEMCP
GetCommandLineW
GetCurrentThreadId
GetCPInfo
VirtualAllocEx
GetThreadLocale
GetCommandLineA

user32

GetActiveWindow
TrackPopupMenu
TranslateMessage
TranslateMDISysAccel
UnhookWindowsHookEx
IsWindow
CharNextA
IsCharUpperA
CharUpperA

shlwapi

PathIsDirectoryA
SHEnumValueA
SHDeleteKeyA
PathFileExistsA

Exports

Exports

_U4jPAn9qP
_7LnlvQrFV
_UFR7U
8Bpwyhc4oznqqM
KPqnm9
_FY9vPQaFXi_kKs
_wdDK1@4
neW6eGGPT@20
_lQifnM
_q7MXiBnA2eh
_ORssMDhV2uD@8
_YadI5Sq0fzy@8
_FUtS9fIdKFrTpY
QoKi4vX7S@20
LU7deJp2KjfwCx
Bhx7dwmJxQrGCQ@20

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 2KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 374B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 662B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

BSS
Size: 1024B - Virtual size: 575B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.res
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86088b907be48ce3a952752cc63eb0dc

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

DATA Size: 158KB - Virtual size: 158KB

.tls Size: 2KB - Virtual size: 121KB

.rdata Size: 512B - Virtual size: 374B

.idata Size: 1024B - Virtual size: 662B

BSS Size: 1024B - Virtual size: 575B

.edata Size: 512B - Virtual size: 416B

.res Size: 20KB - Virtual size: 19KB

.text
Size: 7KB - Virtual size: 7KB

DATA
Size: 158KB - Virtual size: 158KB

.tls
Size: 2KB - Virtual size: 121KB

.rdata
Size: 512B - Virtual size: 374B

.idata
Size: 1024B - Virtual size: 662B

BSS
Size: 1024B - Virtual size: 575B

.edata
Size: 512B - Virtual size: 416B

.res
Size: 20KB - Virtual size: 19KB