bf6313552c83c7cfbabd78212dbbcc99_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bf6313552c83c7cfbabd78212dbbcc99_JaffaCakes118
Size

145KB
MD5

bf6313552c83c7cfbabd78212dbbcc99
SHA1

9294e032deaa75a696ef5a3615d36ec76de2b7f5
SHA256

0e6aca4b60138c0970cb299f948b6784242c613229553254dd9c57e60f2a86bc
SHA512

feeb8bf26eb4216fd2fedc1ca7ac6b6b4f4a1e9e8e29e84cdfc214e057736a39b2c5769794018482d03d168327b0d065a871b675ecf1a68436ceb3aec60c7233
SSDEEP

1536:+0LNCgtGCHoU2cH7xGg/j0rx9xHCTWC8wmae58K:+0RTZH7xGgo7I38w1K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf6313552c83c7cfbabd78212dbbcc99_JaffaCakes118

Files

bf6313552c83c7cfbabd78212dbbcc99_JaffaCakes118
.exe windows:1 windows x86 arch:x86

a2f8b180822f45e719bdf6fa7ce9636b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
GetLastError
VirtualFree
CreateFileW
HeapReAlloc
GetModuleHandleA
WriteFile
ReadFile
SetLastError
GetModuleHandleW
LocalAlloc
GetTickCount
ExitProcess
ExitProcess
InterlockedIncrement
GetModuleFileNameA
SetLastError
GetCurrentProcessId
SetFilePointer
WriteFile
HeapFree
EnterCriticalSection
lstrlenW
VirtualFree
SetFilePointer
MultiByteToWideChar
EnterCriticalSection
GetCommandLineA
FreeLibrary
lstrlenW
LocalAlloc
FormatMessageW
LeaveCriticalSection
lstrcmpiW
Sleep
VirtualAlloc
HeapFree
GetStartupInfoA
SetFilePointer
LoadLibraryA
GetLastError
CreateThread
HeapAlloc
lstrcpyW
SetLastError

Sections

.vuqs
Size: 133KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.gckf
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ftgj
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ypby
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ditn
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yrop
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bftg
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xkpl
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sppi
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a2f8b180822f45e719bdf6fa7ce9636b

Headers

File Characteristics

Imports

kernel32

Sections

.vuqs Size: 133KB - Virtual size: 156KB

.gckf Size: 1024B - Virtual size: 4KB

.ftgj Size: 512B - Virtual size: 4KB

.ypby Size: 512B - Virtual size: 4KB

.ditn Size: 1KB - Virtual size: 4KB

.yrop Size: 512B - Virtual size: 4KB

.bftg Size: 2KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 4KB

.xkpl Size: 1024B - Virtual size: 4KB

.sppi Size: 1024B - Virtual size: 4KB

.vuqs
Size: 133KB - Virtual size: 156KB

.gckf
Size: 1024B - Virtual size: 4KB

.ftgj
Size: 512B - Virtual size: 4KB

.ypby
Size: 512B - Virtual size: 4KB

.ditn
Size: 1KB - Virtual size: 4KB

.yrop
Size: 512B - Virtual size: 4KB

.bftg
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 4KB

.xkpl
Size: 1024B - Virtual size: 4KB

.sppi
Size: 1024B - Virtual size: 4KB