dff2cb59da5c555c517b3dab1fbb4ea9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dff2cb59da5c555c517b3dab1fbb4ea9_JaffaCakes118
Size

957KB
MD5

dff2cb59da5c555c517b3dab1fbb4ea9
SHA1

35f2e540ea474a631227521f9c3f9cea7a7054ed
SHA256

73d0dc1c7cd4a0989491699959c54bc672c987ee91cb831e64ed9ab3b1006ff1
SHA512

88465970e53f2a4be8f33d7ce0e66057249542f0c66af43309a8103a41c76746c07a8ea2fb7dfe906e4f5588afd6e9c6e37165ded8deaac61319a3094f8040bd
SSDEEP

24576:xiGjoZwLa3PjhX6PbUbU1Kf3hqV22dKe9V7UZv:AGHLa/jhX6gw123hG2UKeDy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dff2cb59da5c555c517b3dab1fbb4ea9_JaffaCakes118

Files

dff2cb59da5c555c517b3dab1fbb4ea9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d28da5250f25b394b9395d92eff77558

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegOpenKeyExA

kernel32

GetCommandLineA
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

version

GetFileVersionInfoA

comctl32

ImageList_Write

gdi32

PlayEnhMetaFile

user32

DrawFrameControl
MessageBoxA

ole32

CoGetMalloc

oleaut32

SafeArrayGetLBound

Exports

Exports

@@Mainunit@Finalize
@@Mainunit@Initialize
_Form1
__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: - Virtual size: 844KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp1
Size: - Virtual size: 422KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.vmp2
Size: 949KB - Virtual size: 949KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d28da5250f25b394b9395d92eff77558

Headers

File Characteristics

Imports

advapi32

kernel32

version

comctl32

gdi32

user32

ole32

oleaut32

Exports

Exports

Sections

.text Size: - Virtual size: 844KB

.data Size: - Virtual size: 52KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: - Virtual size: 4KB

.idata Size: - Virtual size: 12KB

.edata Size: - Virtual size: 4KB

.rsrc Size: 5KB - Virtual size: 36KB

.vmp0 Size: - Virtual size: 60KB

.vmp1 Size: - Virtual size: 422KB

.vmp2 Size: 949KB - Virtual size: 949KB

.reloc Size: 512B - Virtual size: 184B

.text
Size: - Virtual size: 844KB

.data
Size: - Virtual size: 52KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: - Virtual size: 4KB

.idata
Size: - Virtual size: 12KB

.edata
Size: - Virtual size: 4KB

.rsrc
Size: 5KB - Virtual size: 36KB

.vmp0
Size: - Virtual size: 60KB

.vmp1
Size: - Virtual size: 422KB

.vmp2
Size: 949KB - Virtual size: 949KB

.reloc
Size: 512B - Virtual size: 184B