d1d663fdc2013447ede35c5683df9e48_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d1d663fdc2013447ede35c5683df9e48_JaffaCakes118
Size

239KB
MD5

d1d663fdc2013447ede35c5683df9e48
SHA1

1829286e63dd0e20b799d4b8e9bea5b1c23168c0
SHA256

9507cc43efe842745f97452b8db8b8ac4f89dbb5f74f4b49b26529e4cfe807d1
SHA512

02351b69a0df7f6ec1f89d1ad1847bf817bca3972503ab7f982ff872aa6f99e3d2cf679d13a55658c61d735257e19aa6fe39649e57e23978bac4523ec8a214c7
SSDEEP

6144:x4QXHZLcjs0cERBvQn+p6WAuZI46POBlUU9OeeBV3:13ZSs0Rk+puYIhPOBt9qr3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d1d663fdc2013447ede35c5683df9e48_JaffaCakes118

Files

d1d663fdc2013447ede35c5683df9e48_JaffaCakes118
.exe windows:4 windows x86 arch:x86

566a123b716655dde038e231f1d0ef6a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
HeapFree
GetModuleHandleW
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsSetValue
SetLastError
GetCurrentThreadId
WideCharToMultiByte
RtlUnwind
HeapAlloc
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringW
SetFilePointer
IsProcessorFeaturePresent
CloseHandle
WriteConsoleW
SetStdHandle
CreateFileW
LocalAlloc
GetProcAddress

riched20

CreateTextServices

umdmxfrm

GetXformInfo

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zor
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lvmiJy
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.YDNyKC
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 212KB - Virtual size: 503KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.iIHPQL
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nQBPN
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

566a123b716655dde038e231f1d0ef6a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

riched20

umdmxfrm

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 1KB - Virtual size: 1KB

.zor Size: 1KB - Virtual size: 2KB

.lvmiJy Size: 2KB - Virtual size: 3KB

.YDNyKC Size: 1024B - Virtual size: 1KB

.data Size: 212KB - Virtual size: 503KB

.iIHPQL Size: 1KB - Virtual size: 1KB

.nQBPN Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 924B

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 1KB - Virtual size: 1KB

.zor
Size: 1KB - Virtual size: 2KB

.lvmiJy
Size: 2KB - Virtual size: 3KB

.YDNyKC
Size: 1024B - Virtual size: 1KB

.data
Size: 212KB - Virtual size: 503KB

.iIHPQL
Size: 1KB - Virtual size: 1KB

.nQBPN
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 924B