da4aa3871903f7c75857e1435ebb64e9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

da4aa3871903f7c75857e1435ebb64e9_JaffaCakes118
Size

6.6MB
MD5

da4aa3871903f7c75857e1435ebb64e9
SHA1

84a17f53eb31a3487aa0b9ff0b338f6ed39fabf6
SHA256

f8237e52e7e1dc4785fc844f9cf64cb06beb4759df89a4e62c5c301716a76163
SHA512

95c8b23f4ad7440280cb0a2ada52b4d0bff1e30b25e766db4916c72256a27cf9549e955fe54b266d688b289e91f36aa345e81bdce3aba277cd53c4bfd3e2b1c9
SSDEEP

98304:X4ySGNZaDyAamjPAdDb7xKDXDPB3nShEjprCo+Nvee7SuPWPxOBYIPOO8sF/yRvo:XgmTxGD9rwC4WPxOBLPODRv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da4aa3871903f7c75857e1435ebb64e9_JaffaCakes118

Files

da4aa3871903f7c75857e1435ebb64e9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 3.0MB - Virtual size: 10.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 668KB - Virtual size: 668KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.XSKIP3
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 995KB - Virtual size: 1000KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

isvcpakf
Size: 807KB - Virtual size: 808KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gkjkrfqy
Size: 4KB - Virtual size: 6.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

XSKIP1
Size: 45KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.XSKIP2
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nduqdqji
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

eyeqlhbd
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comctl32

Sections

Size: 3.0MB - Virtual size: 10.0MB

.rsrc Size: 668KB - Virtual size: 668KB

.XSKIP3 Size: 512B - Virtual size: 4KB

Size: 995KB - Virtual size: 1000KB

isvcpakf Size: 807KB - Virtual size: 808KB

gkjkrfqy Size: 4KB - Virtual size: 6.7MB

XSKIP1 Size: 45KB - Virtual size: 48KB

.XSKIP2 Size: 7KB - Virtual size: 8KB

.idata Size: 512B - Virtual size: 4KB

Size: 512B - Virtual size: 1.8MB

nduqdqji Size: 1.2MB - Virtual size: 1.2MB

eyeqlhbd Size: 512B - Virtual size: 4KB

.rsrc
Size: 668KB - Virtual size: 668KB

.XSKIP3
Size: 512B - Virtual size: 4KB

isvcpakf
Size: 807KB - Virtual size: 808KB

gkjkrfqy
Size: 4KB - Virtual size: 6.7MB

XSKIP1
Size: 45KB - Virtual size: 48KB

.XSKIP2
Size: 7KB - Virtual size: 8KB

.idata
Size: 512B - Virtual size: 4KB

nduqdqji
Size: 1.2MB - Virtual size: 1.2MB

eyeqlhbd
Size: 512B - Virtual size: 4KB