adf61fe3ed21c5507a5b9e5e94feb29c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

adf61fe3ed21c5507a5b9e5e94feb29c_JaffaCakes118
Size

125KB
MD5

adf61fe3ed21c5507a5b9e5e94feb29c
SHA1

c694b8ad4ede61f6c332aced20f86685549eb89a
SHA256

68d5946bc051912696c17898d91c6cabcc56045993250224114052c0a2283a1f
SHA512

886afb7c9de06544b113afb648de3d495ed0a2aecf1902104303cb8669d55e01877b8cd0dbf5a7b8dc9682d7e4315cc259d8e56178de838361fa771f97c2e6cf
SSDEEP

1536:XyaVwuP5oYW7/G4gYkbmKUAm0AUfVnjnaw/0:DP5oyZYsmK9hVjnaw/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
adf61fe3ed21c5507a5b9e5e94feb29c_JaffaCakes118

Files

adf61fe3ed21c5507a5b9e5e94feb29c_JaffaCakes118
.exe windows:1 windows x86 arch:x86

084972c553430f5da9b28ece5089d691

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
lstrcmpiW
GetProcessHeap
VirtualAlloc
WideCharToMultiByte
UnhandledExceptionFilter
WaitForSingleObject
UnhandledExceptionFilter
QueryPerformanceCounter
GetProcAddress
LocalAlloc
EnterCriticalSection
HeapReAlloc
EnterCriticalSection
GetStartupInfoA
ReadFile
CloseHandle
InitializeCriticalSection
VirtualAlloc
GetACP
VirtualFree
CreateFileW
HeapAlloc
WideCharToMultiByte
UnhandledExceptionFilter
LeaveCriticalSection
UnhandledExceptionFilter
SetLastError
GetCommandLineA
GetCommandLineW
GetModuleHandleA
GetCommandLineW
lstrlenW
LoadLibraryA
GetCurrentProcessId
GetProcAddress
GetStartupInfoA
DeleteCriticalSection
InterlockedDecrement
CreateThread
EnterCriticalSection
CreateThread
LocalFree
GetCommandLineW
CreateThread

Sections

.cibc
Size: 114KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.lnjt
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wrlv
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ykdq
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xnmp
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.escd
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jxmt
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.fqkx
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rbfl
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bpkc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

084972c553430f5da9b28ece5089d691

Headers

File Characteristics

Imports

kernel32

Sections

.cibc Size: 114KB - Virtual size: 120KB

.lnjt Size: 1024B - Virtual size: 4KB

.wrlv Size: 512B - Virtual size: 4KB

.ykdq Size: 512B - Virtual size: 4KB

.xnmp Size: 1KB - Virtual size: 4KB

.escd Size: 512B - Virtual size: 4KB

.jxmt Size: 3KB - Virtual size: 3KB

.fqkx Size: 512B - Virtual size: 24B

.rbfl Size: 1024B - Virtual size: 4KB

.bpkc Size: 1024B - Virtual size: 4KB

.cibc
Size: 114KB - Virtual size: 120KB

.lnjt
Size: 1024B - Virtual size: 4KB

.wrlv
Size: 512B - Virtual size: 4KB

.ykdq
Size: 512B - Virtual size: 4KB

.xnmp
Size: 1KB - Virtual size: 4KB

.escd
Size: 512B - Virtual size: 4KB

.jxmt
Size: 3KB - Virtual size: 3KB

.fqkx
Size: 512B - Virtual size: 24B

.rbfl
Size: 1024B - Virtual size: 4KB

.bpkc
Size: 1024B - Virtual size: 4KB