ddebc3c904ae0eb64c009c74d6a709dd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ddebc3c904ae0eb64c009c74d6a709dd_JaffaCakes118
Size

298KB
MD5

ddebc3c904ae0eb64c009c74d6a709dd
SHA1

544f196552c160b2fa75426c01b287b67e73c9fd
SHA256

1521ed0d2d3a1b087b15ab8e3cd91af9031ae361c4cc69c8bd2b31133f9950be
SHA512

b0342855707edc9cdb7191b7ee4e602cd2abf43fedce6693e1630e5fc8880acb622601128b62ff151a8e341441c98dc4861db21d16ded80f0f767d3eeb384591
SSDEEP

6144:T/jGqFxMrzyzB1LPnT2gH6vERh0vegJ1gk8xAaTa9lS3D5:R0rzyzfLqK6uh0P7iFFD5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ddebc3c904ae0eb64c009c74d6a709dd_JaffaCakes118

Files

ddebc3c904ae0eb64c009c74d6a709dd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

254d1ac1d17589713324cf0cbd1c7849

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetVersionExA
GetProcessHeap
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsAlloc
GetLastError
ExitProcess
Sleep
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
LoadLibraryA
InitializeCriticalSection
GetVersion
GetProcAddress

imagehlp

FindFileInPath
MakeSureDirectoryPathExists
SetImageConfigInformation
SymCleanup
UnDecorateSymbolName
ReBaseImage64
SymFromName
SymSetOptions
SymFunctionTableAccess64
ImageRvaToSection
SymGetSymPrev64
SymGetSymNext64
RemoveRelocations
FindExecutableImage
BindImage
CheckSumMappedFile
SymGetModuleBase64
SymGetLineFromName64
SymGetSymFromName64
SymGetTypeInfo
SymFromAddr
ReBaseImage

netplwiz

NetPlacesWizardDoModal

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.DrKnDy
Size: 4KB - Virtual size: 962KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.TLO
Size: 5KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.KcmhU
Size: 4KB - Virtual size: 799KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.aqehT
Size: 5KB - Virtual size: 819KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 83KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fc
Size: 1KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ayXwtT
Size: 1024B - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 134KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

254d1ac1d17589713324cf0cbd1c7849

Headers

File Characteristics

Imports

kernel32

imagehlp

netplwiz

Sections

.text Size: 9KB - Virtual size: 9KB

.DrKnDy Size: 4KB - Virtual size: 962KB

.TLO Size: 5KB - Virtual size: 15KB

.text Size: 11KB - Virtual size: 11KB

.KcmhU Size: 4KB - Virtual size: 799KB

.rdata Size: 2KB - Virtual size: 37KB

.aqehT Size: 5KB - Virtual size: 819KB

.edata Size: 83KB - Virtual size: 98KB

.fc Size: 1KB - Virtual size: 13KB

.data Size: 7KB - Virtual size: 97KB

.ayXwtT Size: 1024B - Virtual size: 105KB

.edata Size: 134KB - Virtual size: 189KB

.rsrc Size: 27KB - Virtual size: 26KB

.text
Size: 9KB - Virtual size: 9KB

.DrKnDy
Size: 4KB - Virtual size: 962KB

.TLO
Size: 5KB - Virtual size: 15KB

.text
Size: 11KB - Virtual size: 11KB

.KcmhU
Size: 4KB - Virtual size: 799KB

.rdata
Size: 2KB - Virtual size: 37KB

.aqehT
Size: 5KB - Virtual size: 819KB

.edata
Size: 83KB - Virtual size: 98KB

.fc
Size: 1KB - Virtual size: 13KB

.data
Size: 7KB - Virtual size: 97KB

.ayXwtT
Size: 1024B - Virtual size: 105KB

.edata
Size: 134KB - Virtual size: 189KB

.rsrc
Size: 27KB - Virtual size: 26KB