b178d1bb09c9333c4a58f3049c5c098a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b178d1bb09c9333c4a58f3049c5c098a_JaffaCakes118
Size

185KB
MD5

b178d1bb09c9333c4a58f3049c5c098a
SHA1

81275d09a709e579e52bb0489defeb444a18afec
SHA256

bb6b541b35fc04e97f982ae81dfcfd7eb4752fe0cf9e280ec6d428dd19ce2406
SHA512

739f5b4fdfb5611b74abeb8af64fea0f0303cf2b28c6dfdd5083c2153de346440d882638885315e128aed912cbed38c14f1c046356034beb893d59fa50e17ce6
SSDEEP

3072:CwnUGgApXhiH/oMmMSAW+ZX3N8Wq2pqvbuugewCmzdIb:zUkpXc/oEFW+p3+Wfp3J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b178d1bb09c9333c4a58f3049c5c098a_JaffaCakes118

Files

b178d1bb09c9333c4a58f3049c5c098a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3e6cd595520f5f516461303b1d88c9be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

advapi32

RegDeleteValueA

kernel32

GetProcAddress
IsBadHugeReadPtr
GetACP
ExitThread
VirtualAllocEx
lstrlenA
GetLastError
GetVersionExA
LoadLibraryA
ExitProcess
lstrlenW
GetCommandLineW
GetModuleHandleA

user32

FrameRect
DeleteMenu

gdi32

GetDIBits
CreateCompatibleBitmap
GetPaletteEntries
SelectObject
CreateCompatibleDC
RestoreDC
CreateDIBitmap
GetClipBox

Sections

CODE
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES4
Size: 1024B - Virtual size: 690B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES0
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES6
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES2
Size: 512B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES8
Size: 1024B - Virtual size: 681B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES5
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES1
Size: 512B - Virtual size: 429B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e6cd595520f5f516461303b1d88c9be

Headers

File Characteristics

Imports

advapi32

kernel32

user32

gdi32

Sections

CODE Size: 20KB - Virtual size: 19KB

DATA Size: 153KB - Virtual size: 153KB

RES4 Size: 1024B - Virtual size: 690B

RES0 Size: 1KB - Virtual size: 1KB

RES6 Size: 2KB - Virtual size: 1KB

RES2 Size: 512B - Virtual size: 80KB

RES8 Size: 1024B - Virtual size: 681B

RES5 Size: 2KB - Virtual size: 1KB

RES1 Size: 512B - Virtual size: 429B

.rsrc Size: 2KB - Virtual size: 2KB

CODE
Size: 20KB - Virtual size: 19KB

DATA
Size: 153KB - Virtual size: 153KB

RES4
Size: 1024B - Virtual size: 690B

RES0
Size: 1KB - Virtual size: 1KB

RES6
Size: 2KB - Virtual size: 1KB

RES2
Size: 512B - Virtual size: 80KB

RES8
Size: 1024B - Virtual size: 681B

RES5
Size: 2KB - Virtual size: 1KB

RES1
Size: 512B - Virtual size: 429B

.rsrc
Size: 2KB - Virtual size: 2KB