de48c47ba29804a5de708dd0de5917f7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

de48c47ba29804a5de708dd0de5917f7_JaffaCakes118
Size

52KB
MD5

de48c47ba29804a5de708dd0de5917f7
SHA1

303940489732493b1a651f12161b6abc5c0102df
SHA256

d7c8ae078845b735f80252e1361c2656babe26175f409e8fbb6cac69bba18229
SHA512

b1955574ce64b895c08fa928925fc09ccf312fb1cdae97fb068aaa2cf1a907d3a20ac0af97621ad5ca8ca0a582cce4af597d7f4711d9a7f2458434fad58e3069
SSDEEP

768:2Pm+wNg+U767shRNESgJwsz0XMvhCUPsKLkiXu+qzltMa4pQUe71L/0uWNNNNNNH:yX7/1H8WohCUlBu+WlJ4pKVQzz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de48c47ba29804a5de708dd0de5917f7_JaffaCakes118

Files

de48c47ba29804a5de708dd0de5917f7_JaffaCakes118
.exe windows:1 windows x86 arch:x86

13f50a9abcb890d9c3613d7d4e8adc49

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
GetLastError
GetCurrentDirectoryA
lstrlenA
LoadLibraryA
GetProcAddress
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
SetUnhandledExceptionFilter
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
DeleteFileA
ExitProcess
InitializeCriticalSection
GetStdHandle
GetEnvironmentStrings
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
DuplicateHandle
CloseHandle
SetFilePointer
ReadFile
WriteFile
GlobalAlloc
GlobalFree

shell32

SHFileOperationA

user32

GetPropA
IsIconic
ShowWindow
GetLastActivePopup
SetForegroundWindow
EnumWindows
MessageBoxA

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 97B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.exc
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13f50a9abcb890d9c3613d7d4e8adc49

Headers

File Characteristics

Imports

kernel32

shell32

user32

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 512B - Virtual size: 97B

.exc Size: 512B - Virtual size: 204B

.data Size: 23KB - Virtual size: 23KB

.rsrc Size: 2KB - Virtual size: 2KB

.idata Size: 1KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 8B

.bss Size: - Virtual size: 5KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 512B - Virtual size: 97B

.exc
Size: 512B - Virtual size: 204B

.data
Size: 23KB - Virtual size: 23KB

.rsrc
Size: 2KB - Virtual size: 2KB

.idata
Size: 1KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 8B

.bss
Size: - Virtual size: 5KB

.reloc
Size: 2KB - Virtual size: 1KB