bc93a19fae7bab50aac89f81664f293d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bc93a19fae7bab50aac89f81664f293d_JaffaCakes118
Size

273KB
MD5

bc93a19fae7bab50aac89f81664f293d
SHA1

bb7d53005b820dbfed327a98088245c0d6eaea0f
SHA256

69a0ae36fcc0253d54666b14f5776676dd50c8ff37446737cf83f57dc5a3c883
SHA512

d3b161488b4afc084306ac4785866b7c37ec668bfbf4a8289331350bd3ba8728ef7cd3b30feb37b9e220536978733b7fb4b727be567158da1621d2932118f8dd
SSDEEP

6144:xL27/vgOQrrmYDOkLNhpF2jnJC5ZEl1cWKbuQdn:cAZyYrLX2dyG1oKQdn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc93a19fae7bab50aac89f81664f293d_JaffaCakes118

Files

bc93a19fae7bab50aac89f81664f293d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4995aaebd5c84a5239b752efe66b78e7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetVersionExA
GetProcessHeap
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleA
ExitProcess
TlsAlloc
GetLastError
Sleep
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
InitializeCriticalSection
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CreateMutexA
GetProcAddress

msasn1

ASN1BEREncCheck
ASN1BEREncNull
ASN1BEREncObjectIdentifier
ASN1BERDecEoid
ASN1objectidentifier2_cmp
ASN1CEREncEndBlk
ASN1BERDecZeroChar32String
ASN1_CloseEncoder2
ASN1BERDotVal2Eoid
ASN1BEREoid_free
ASN1intx2int32
ASN1BERDecZeroChar16String
ASN1BEREncS32
ASN1intx_free
ASN1DecSetError
ASN1BERDecBool
ASN1BEREncEoid
ASN1BERDecU16Val
ASN1_FreeDecoded
ASN1BEREncExplicitTag

wmpshell

DllRegisterServer

Sections

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Eh
Size: 4KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.TbhYlY
Size: 4KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.HdsQa
Size: 3KB - Virtual size: 707KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.o
Size: 4KB - Virtual size: 824KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 83KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.f
Size: 1024B - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 133KB - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t
Size: 2KB - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4995aaebd5c84a5239b752efe66b78e7

Headers

File Characteristics

Imports

kernel32

msasn1

wmpshell

Sections

.rdata Size: 4KB - Virtual size: 4KB

.Eh Size: 4KB - Virtual size: 263KB

.TbhYlY Size: 4KB - Virtual size: 103KB

.text Size: 16KB - Virtual size: 15KB

.HdsQa Size: 3KB - Virtual size: 707KB

.rdata Size: 2KB - Virtual size: 28KB

.o Size: 4KB - Virtual size: 824KB

.edata Size: 83KB - Virtual size: 178KB

.f Size: 1024B - Virtual size: 82KB

.data Size: 8KB - Virtual size: 336KB

.edata Size: 133KB - Virtual size: 219KB

.t Size: 2KB - Virtual size: 408KB

.rsrc Size: 5KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 4KB

.Eh
Size: 4KB - Virtual size: 263KB

.TbhYlY
Size: 4KB - Virtual size: 103KB

.text
Size: 16KB - Virtual size: 15KB

.HdsQa
Size: 3KB - Virtual size: 707KB

.rdata
Size: 2KB - Virtual size: 28KB

.o
Size: 4KB - Virtual size: 824KB

.edata
Size: 83KB - Virtual size: 178KB

.f
Size: 1024B - Virtual size: 82KB

.data
Size: 8KB - Virtual size: 336KB

.edata
Size: 133KB - Virtual size: 219KB

.t
Size: 2KB - Virtual size: 408KB

.rsrc
Size: 5KB - Virtual size: 5KB