cfb89db76a308df4130cd7df24e9a055_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cfb89db76a308df4130cd7df24e9a055_JaffaCakes118
Size

606KB
MD5

cfb89db76a308df4130cd7df24e9a055
SHA1

1cc256f8dc4175c098e8567e9a6abd1a4cbc0fad
SHA256

40e1fd76e2e40f5a769dd9d6a89d0d7da9c2e0db46f308f9d274a33c5017de6f
SHA512

ad2bf8ad9f77c11f4255d6ff9613826d87117ce917d76c4ff1038b8b956765099148ead8b6dacf469444ad6958ad8743a8d96c959fbcb57bf73c0e2d1bac1959
SSDEEP

12288:H5btjV7/Gre+5AjUfmkAFl9AUHWAd8xpvLoA5BSope9M:9tZse+5vel93TA5BSopI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfb89db76a308df4130cd7df24e9a055_JaffaCakes118

Files

cfb89db76a308df4130cd7df24e9a055_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5ef29e3ed2d2e986f31e813dc5ccbe8b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32Next
LoadLibraryA
VirtualProtect
GetModuleFileNameA

user32

CallWindowProcA
MessageBoxA

gdi32

GetDeviceCaps

advapi32

RegSetValueExA

shell32

SHGetPathFromIDListA

ole32

CoTaskMemRealloc

oleaut32

SysAllocStringLen

ws2_32

WSAStartup

comctl32

InitCommonControlsEx

imagehlp

ImageLoad

iphlpapi

GetAdaptersInfo

Sections

.text
Size: - Virtual size: 269KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack0
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack1
Size: - Virtual size: 375KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack2
Size: 596KB - Virtual size: 595KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ef29e3ed2d2e986f31e813dc5ccbe8b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

ws2_32

comctl32

imagehlp

iphlpapi

Sections

.text Size: - Virtual size: 269KB

.rdata Size: - Virtual size: 43KB

.data Size: - Virtual size: 19KB

.aspack0 Size: - Virtual size: 9KB

.aspack1 Size: - Virtual size: 375KB

.aspack2 Size: 596KB - Virtual size: 595KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: - Virtual size: 269KB

.rdata
Size: - Virtual size: 43KB

.data
Size: - Virtual size: 19KB

.aspack0
Size: - Virtual size: 9KB

.aspack1
Size: - Virtual size: 375KB

.aspack2
Size: 596KB - Virtual size: 595KB

.rsrc
Size: 9KB - Virtual size: 8KB