bd2fc2362ec1f4f8e98baf68faa79d13_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bd2fc2362ec1f4f8e98baf68faa79d13_JaffaCakes118
Size

103KB
MD5

bd2fc2362ec1f4f8e98baf68faa79d13
SHA1

baaf8a2a47cd7ad0a687e5851b5ad7b0c6a5ca08
SHA256

77cf45962afae7596bc7eee6ddda6c43a69c191f4d3af7afc17c65dc36c4eb54
SHA512

cff836cce2b55ee02928ec29a8af935f8e31d0fd8d6b1727ea2c16b446cbc9f7cac86a5cd8a58f5fe6ac213ba680e1aae7d5b535ddc4e00dd5e2b631f677e93d
SSDEEP

768:UBJWDNoR8jkvM6zQ4dLGYWurNHfluC6xYE68s2Xzcivx05IUytu:U/W+fpsR6OgEjs2RoB3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd2fc2362ec1f4f8e98baf68faa79d13_JaffaCakes118

Files

bd2fc2362ec1f4f8e98baf68faa79d13_JaffaCakes118
.exe windows:1 windows x86 arch:x86

345330e7a08db31f730772272e7c9887

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
InterlockedDecrement
MultiByteToWideChar
GetCommandLineA
lstrcmpiW
lstrcpyW
ExitProcess
GetCommandLineW
DeleteCriticalSection
SetFilePointer
VirtualFree
GetStartupInfoW
GetModuleHandleW
VirtualFree
CreateFileW
GetCurrentThreadId
ReadFile
InterlockedDecrement
LoadLibraryA
GetSystemTimeAsFileTime
GetStartupInfoA
CloseHandle
LocalAlloc
CloseHandle
GetTickCount
WideCharToMultiByte
MultiByteToWideChar
SetUnhandledExceptionFilter
GetModuleFileNameA
InterlockedIncrement
GetLastError
EnterCriticalSection
GetACP
MultiByteToWideChar
GetCurrentProcess
GetCurrentProcess
Sleep
CreateThread
GetModuleHandleW
TerminateProcess
GetModuleFileNameA
ReadFile
SetEvent
ReadFile
lstrcmpiW

Sections

.mnyk
Size: 88KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pynm
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hchb
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.uwov
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ioou
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ybxy
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qebg
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bphq
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lmsq
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

345330e7a08db31f730772272e7c9887

Headers

File Characteristics

Imports

kernel32

Sections

.mnyk Size: 88KB - Virtual size: 104KB

.pynm Size: 1024B - Virtual size: 4KB

.hchb Size: 512B - Virtual size: 4KB

.uwov Size: 512B - Virtual size: 4KB

.ioou Size: 1KB - Virtual size: 4KB

.ybxy Size: 512B - Virtual size: 4KB

.qebg Size: 5KB - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 4KB

.bphq Size: 1024B - Virtual size: 4KB

.lmsq Size: 1024B - Virtual size: 4KB

.mnyk
Size: 88KB - Virtual size: 104KB

.pynm
Size: 1024B - Virtual size: 4KB

.hchb
Size: 512B - Virtual size: 4KB

.uwov
Size: 512B - Virtual size: 4KB

.ioou
Size: 1KB - Virtual size: 4KB

.ybxy
Size: 512B - Virtual size: 4KB

.qebg
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 4KB

.bphq
Size: 1024B - Virtual size: 4KB

.lmsq
Size: 1024B - Virtual size: 4KB