b144b73a4d87faebed110b122a292dfb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b144b73a4d87faebed110b122a292dfb_JaffaCakes118
Size

145KB
MD5

b144b73a4d87faebed110b122a292dfb
SHA1

0428e09cfa15b84fb060979c37bb124bbd93f3f9
SHA256

6448c62df062386c752babdeb6fea38a0a4dee202a118d1631ee70349c675e56
SHA512

3e43790420ba302a51e0860fd33671db0cd3cfabd1b74ea6e6949ef8a4934b7d567fe04aa0072e9cd42c48b5b1b82f4ecbe49cde88fc2d0abdf59ee3fb304464
SSDEEP

768:uYRbnF5kRMZ6gmiONZnprL82yr1A7rOVlq6bmCssWqq5OjifR9KrIk1KH6aA:uonH6wpENg2h7rKlvZBa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b144b73a4d87faebed110b122a292dfb_JaffaCakes118

Files

b144b73a4d87faebed110b122a292dfb_JaffaCakes118
.exe windows:1 windows x86 arch:x86

7eb568193b7e225e1b40347822699748

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
SetFilePointer
UnhandledExceptionFilter
LocalFree
lstrlenW
ExitProcess
CloseHandle
GetVersionExA
WriteFile
DeleteCriticalSection
GetProcessHeap
SetEvent
VirtualAlloc
HeapDestroy
Sleep
FormatMessageW
SetEvent
GetModuleHandleW
HeapFree
InterlockedDecrement
HeapDestroy
TerminateProcess
InitializeCriticalSection
GetACP
InitializeCriticalSection
VirtualAlloc
QueryPerformanceCounter
GetModuleHandleA
InterlockedDecrement
QueryPerformanceCounter
LoadLibraryW
GetCurrentThreadId
LoadLibraryA
WaitForSingleObject
HeapAlloc
lstrlenW
CreateFileW
LoadLibraryA
GetVersionExA
GetModuleFileNameA
LeaveCriticalSection
LeaveCriticalSection
GetCurrentThreadId
lstrlenW
WriteFile

Sections

.ohbb
Size: 133KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.swtv
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dwed
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ijus
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.falx
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xivg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.biur
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rqev
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wkbi
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7eb568193b7e225e1b40347822699748

Headers

File Characteristics

Imports

kernel32

Sections

.ohbb Size: 133KB - Virtual size: 156KB

.swtv Size: 1024B - Virtual size: 4KB

.dwed Size: 512B - Virtual size: 4KB

.ijus Size: 512B - Virtual size: 4KB

.falx Size: 1KB - Virtual size: 4KB

.xivg Size: 512B - Virtual size: 4KB

.biur Size: 2KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 4KB

.rqev Size: 1024B - Virtual size: 4KB

.wkbi Size: 1024B - Virtual size: 4KB

.ohbb
Size: 133KB - Virtual size: 156KB

.swtv
Size: 1024B - Virtual size: 4KB

.dwed
Size: 512B - Virtual size: 4KB

.ijus
Size: 512B - Virtual size: 4KB

.falx
Size: 1KB - Virtual size: 4KB

.xivg
Size: 512B - Virtual size: 4KB

.biur
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 4KB

.rqev
Size: 1024B - Virtual size: 4KB

.wkbi
Size: 1024B - Virtual size: 4KB