bed8c0dbf6fcf4f7d50d8d5223a87ed3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

bed8c0dbf6fcf4f7d50d8d5223a87ed3_JaffaCakes118
Size

144KB
MD5

bed8c0dbf6fcf4f7d50d8d5223a87ed3
SHA1

7a66edf8d3d6a73bd3b3d5ee4c47a73e7c551ff5
SHA256

91af8a6f0951d5067a6d3f02484210661217b86bb7d661699f712bfd87f678fa
SHA512

fa7d4c508523dbd702638096e036062c0902672995dc72627f168ca6005121dede0e8ba25e7f6a8f8eb2897c85167b6624267aaf2622d5303dc922bcfa5ee877
SSDEEP

1536:wbq7elsRRQIFFdpkll9i9Y92MDnUzjji:mq7qsnFaVEaIi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bed8c0dbf6fcf4f7d50d8d5223a87ed3_JaffaCakes118

Files

bed8c0dbf6fcf4f7d50d8d5223a87ed3_JaffaCakes118
.exe windows:1 windows x86 arch:x86

a5ead195f35d796c48a0d814d26cfdd0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyW
LocalAlloc
GetCurrentProcess
GetProcAddress
GetStartupInfoA
LoadLibraryW
WideCharToMultiByte
TerminateProcess
GetACP
HeapDestroy
ReadFile
GetACP
SetFilePointer
LeaveCriticalSection
TerminateProcess
lstrcpyW
LoadLibraryW
GetCurrentThreadId
Sleep
LoadLibraryA
WriteFile
LoadLibraryW
SetEvent
HeapAlloc
GetProcAddress
CreateFileW
SetUnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCommandLineA
GetCurrentThreadId
SetLastError
GetCommandLineA
GetProcessHeap
InitializeCriticalSection
SetEvent
VirtualFree
LoadLibraryW
GetSystemTimeAsFileTime
GetLastError
MultiByteToWideChar
HeapAlloc
WriteFile
VirtualAlloc
LocalFree
GetCurrentProcessId

Sections

.hthe
Size: 133KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sqix
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qdfr
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jvhm
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ohhd
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jwdn
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ryyt
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.uchu
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qroc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a5ead195f35d796c48a0d814d26cfdd0

Headers

File Characteristics

Imports

kernel32

Sections

.hthe Size: 133KB - Virtual size: 156KB

.sqix Size: 1024B - Virtual size: 4KB

.qdfr Size: 512B - Virtual size: 4KB

.jvhm Size: 512B - Virtual size: 4KB

.ohhd Size: 1KB - Virtual size: 4KB

.jwdn Size: 512B - Virtual size: 4KB

.ryyt Size: 2KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 4KB

.uchu Size: 1024B - Virtual size: 4KB

.qroc Size: 1024B - Virtual size: 4KB

.hthe
Size: 133KB - Virtual size: 156KB

.sqix
Size: 1024B - Virtual size: 4KB

.qdfr
Size: 512B - Virtual size: 4KB

.jvhm
Size: 512B - Virtual size: 4KB

.ohhd
Size: 1KB - Virtual size: 4KB

.jwdn
Size: 512B - Virtual size: 4KB

.ryyt
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 4KB

.uchu
Size: 1024B - Virtual size: 4KB

.qroc
Size: 1024B - Virtual size: 4KB