b5d1d37854924715b1e71aa31037a5ac_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b5d1d37854924715b1e71aa31037a5ac_JaffaCakes118
Size

118KB
MD5

b5d1d37854924715b1e71aa31037a5ac
SHA1

077d5bd92de4613db8dc7575424ca8a63100ad49
SHA256

b8d57f6d550a694ac29fac06a5bb7b235d1ca487624a5c48943801daf7cfba0a
SHA512

28a4ff7fd3871243bb46ea3b6b1b73f5cabbed25ae82ae4322e659716e5f11e3b867c9352cff4ffea3ff2a5c280c2a2aacd29e5ea465d4e502cc8d5fabcc02c1
SSDEEP

1536:44xnnifLLqhFq5jyRnVYT4n/DvJiv8Ujv:fnif/qhF829qT4n/sv8Ub

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5d1d37854924715b1e71aa31037a5ac_JaffaCakes118

Files

b5d1d37854924715b1e71aa31037a5ac_JaffaCakes118
.exe windows:1 windows x86 arch:x86

7390af7c83864a37d89acb64255a19f5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
GetTickCount
FormatMessageW
LoadLibraryW
ExitProcess
GetStartupInfoA
WaitForSingleObject
SetEvent
GetACP
GetProcAddress
GetStartupInfoW
SetLastError
LoadLibraryA
GetModuleFileNameA
GetModuleHandleA
GetCurrentProcessId
GetStartupInfoW
LocalFree
HeapAlloc
SetFilePointer
SetUnhandledExceptionFilter
WaitForSingleObject
InitializeCriticalSection
WideCharToMultiByte
lstrcpyW
lstrlenW
InterlockedIncrement
WaitForSingleObject
GetCurrentProcessId
SetFilePointer
GetCommandLineW
InterlockedIncrement
lstrcpyW
HeapAlloc
GetModuleHandleA
lstrcmpiW
CloseHandle
HeapAlloc
LoadLibraryA
QueryPerformanceCounter
FormatMessageW
DeleteCriticalSection
CreateThread
lstrcpyW
QueryPerformanceCounter

Sections

.kaxg
Size: 104KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.yits
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mjhr
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pwts
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hxlf
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.iwcx
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.joaf
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sahj
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yrcj
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7390af7c83864a37d89acb64255a19f5

Headers

File Characteristics

Imports

kernel32

Sections

.kaxg Size: 104KB - Virtual size: 120KB

.yits Size: 1024B - Virtual size: 4KB

.mjhr Size: 512B - Virtual size: 4KB

.pwts Size: 512B - Virtual size: 4KB

.hxlf Size: 1KB - Virtual size: 4KB

.iwcx Size: 512B - Virtual size: 4KB

.joaf Size: 6KB - Virtual size: 6KB

.rsrc Size: 512B - Virtual size: 28B

.sahj Size: 1024B - Virtual size: 4KB

.yrcj Size: 1024B - Virtual size: 4KB

.kaxg
Size: 104KB - Virtual size: 120KB

.yits
Size: 1024B - Virtual size: 4KB

.mjhr
Size: 512B - Virtual size: 4KB

.pwts
Size: 512B - Virtual size: 4KB

.hxlf
Size: 1KB - Virtual size: 4KB

.iwcx
Size: 512B - Virtual size: 4KB

.joaf
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 512B - Virtual size: 28B

.sahj
Size: 1024B - Virtual size: 4KB

.yrcj
Size: 1024B - Virtual size: 4KB