b267b171677b740bd4fe1ef7d54e69b9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b267b171677b740bd4fe1ef7d54e69b9_JaffaCakes118
Size

116KB
MD5

b267b171677b740bd4fe1ef7d54e69b9
SHA1

b1dcd19c1668b5d8f201c4e270867d29eda3d289
SHA256

2aa8874d77f99ad9abb63c462815ebfec6d86577d88746f39e1bb9568b30a7dd
SHA512

c9d4822c9cc441f00698d0000b0f1f513a63b0e6d801a95188920332afc732a56761315e6e7f07e549ba9124315b754d5b87c5b981486dcd583ff2148c827701
SSDEEP

768:7Q01Uu9A4xvBijxdsOpayU1W1NJUCcIGtpgDVqeSsEpqUKF5sqgo+eh:7Qst5iddsO0yU16qCKyVNjEgUKUpK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b267b171677b740bd4fe1ef7d54e69b9_JaffaCakes118

Files

b267b171677b740bd4fe1ef7d54e69b9_JaffaCakes118
.exe windows:1 windows x86 arch:x86

19d71cb500a082990c824ea3eede85e2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
Sleep
WideCharToMultiByte
FormatMessageW
FreeLibrary
WriteFile
MultiByteToWideChar
GetCurrentProcessId
GetTickCount
DeleteCriticalSection
ExitProcess
LoadLibraryA
EnterCriticalSection
GetVersionExA
SetLastError
TerminateProcess
GetCurrentProcessId
FreeLibrary
InterlockedDecrement
GetCurrentProcess
FreeLibrary
GetModuleFileNameA
GetStartupInfoW
GetLastError
SetFilePointer

Sections

.hfku
Size: 102KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.gosy
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wtvl
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.slqp
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hxtw
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vopd
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avgl
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fscf
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tswr
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

19d71cb500a082990c824ea3eede85e2

Headers

File Characteristics

Imports

kernel32

Sections

.hfku Size: 102KB - Virtual size: 120KB

.gosy Size: 1024B - Virtual size: 4KB

.wtvl Size: 1KB - Virtual size: 4KB

.slqp Size: 1024B - Virtual size: 4KB

.hxtw Size: 512B - Virtual size: 4KB

.vopd Size: 512B - Virtual size: 4KB

.avgl Size: 512B - Virtual size: 4KB

.fscf Size: 5KB - Virtual size: 5KB

.rsrc Size: 512B - Virtual size: 28B

.tswr Size: 1024B - Virtual size: 4KB

.hfku
Size: 102KB - Virtual size: 120KB

.gosy
Size: 1024B - Virtual size: 4KB

.wtvl
Size: 1KB - Virtual size: 4KB

.slqp
Size: 1024B - Virtual size: 4KB

.hxtw
Size: 512B - Virtual size: 4KB

.vopd
Size: 512B - Virtual size: 4KB

.avgl
Size: 512B - Virtual size: 4KB

.fscf
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 512B - Virtual size: 28B

.tswr
Size: 1024B - Virtual size: 4KB