d361a37b07e494a5df663e778aee9468_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d361a37b07e494a5df663e778aee9468_JaffaCakes118
Size

51KB
MD5

d361a37b07e494a5df663e778aee9468
SHA1

3bc8af794743c162019d23700d54d148e3773d89
SHA256

3da125d5baea69729211b356e2eed55892482ab82c5b85822cdf20b3089776ae
SHA512

48c7b8a825d51c6461b964e3d06f6b2146fbea5c039063d01c158ccb5019b9cfc51ab03ab2198b5bbe395f5950491c28b702936a45682ed7327436c13a04c9ff
SSDEEP

768:VgrzVlKYXJCmGX1RKb0mxRZ6mlBdPXZZo54/icXBc02:Vgrv9XJDGXhmXZ/9Q54/iUBi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d361a37b07e494a5df663e778aee9468_JaffaCakes118

Files

d361a37b07e494a5df663e778aee9468_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e7ba21520095e23cf98d125dba8fa5d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetProcessHeap
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleA
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
GetModuleHandleW
GetProcAddress

uniplat

UmPlatformDeinitialize
DestroyOverStructPool
CallEnding

efsadu

EfsDetail

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.jhScdk
Size: 1KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.arb
Size: 2KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.EH
Size: 2KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yxjED
Size: 4KB - Virtual size: 496KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xZYRu
Size: 5KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.JAvL
Size: 2KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ntnYG
Size: 4KB - Virtual size: 533KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qAjE
Size: 5KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.I
Size: 1KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e7ba21520095e23cf98d125dba8fa5d0

Headers

File Characteristics

Imports

kernel32

uniplat

efsadu

Sections

.text Size: 12KB - Virtual size: 12KB

.jhScdk Size: 1KB - Virtual size: 283KB

.arb Size: 2KB - Virtual size: 123KB

.EH Size: 2KB - Virtual size: 182KB

.rdata Size: 1024B - Virtual size: 15KB

.yxjED Size: 4KB - Virtual size: 496KB

.xZYRu Size: 5KB - Virtual size: 83KB

.JAvL Size: 2KB - Virtual size: 196KB

.ntnYG Size: 4KB - Virtual size: 533KB

.data Size: 6KB - Virtual size: 289KB

.qAjE Size: 5KB - Virtual size: 58KB

.I Size: 1KB - Virtual size: 176KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 12KB

.jhScdk
Size: 1KB - Virtual size: 283KB

.arb
Size: 2KB - Virtual size: 123KB

.EH
Size: 2KB - Virtual size: 182KB

.rdata
Size: 1024B - Virtual size: 15KB

.yxjED
Size: 4KB - Virtual size: 496KB

.xZYRu
Size: 5KB - Virtual size: 83KB

.JAvL
Size: 2KB - Virtual size: 196KB

.ntnYG
Size: 4KB - Virtual size: 533KB

.data
Size: 6KB - Virtual size: 289KB

.qAjE
Size: 5KB - Virtual size: 58KB

.I
Size: 1KB - Virtual size: 176KB

.rsrc
Size: 2KB - Virtual size: 1KB