e1504dab3cd3e9c718e2ba56ff0ea89a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e1504dab3cd3e9c718e2ba56ff0ea89a_JaffaCakes118
Size

41KB
MD5

e1504dab3cd3e9c718e2ba56ff0ea89a
SHA1

64c14996d34f358b88222c38a38b64cf7a4816b0
SHA256

2a4db05ce2a1462630d2f60f5f5f4f09148697d76402192d83eadb5be157d27f
SHA512

78fc999c55ffcf9506185d8ee4fc2f11ead76e7559f553acb80819baaa6a16293b924e24f5360d67241a3989ec24d075703fa5bca8016c6cc5cc4813650a2c24
SSDEEP

768:UKX83s0AwQ0z9gWF8gDH4e6NeyLfuBvYjsQm16WJiAYp571e6c3nz:bV0ZTDexuBvYjsQmJilp5TcX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1504dab3cd3e9c718e2ba56ff0ea89a_JaffaCakes118

Files

e1504dab3cd3e9c718e2ba56ff0ea89a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3ef8cc4a529871aed604369651870a4e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

UrlCanonicalizeA

kernel32

GetFileAttributesA
ReplaceFileA
CreateHardLinkA
ExitProcess
GetBinaryTypeA
GetFileType
CancelIo
CallNamedPipeA
BackupSeek
lstrcmpA
lstrlenW
GetDriveTypeA
GetCurrentDirectoryA
GetSystemDirectoryA
GetComputerNameW
lstrcmpW
HeapAlloc
GetProcessHeap
HeapFree
GetWindowsDirectoryW

advapi32

GetUserNameA

winmm

DrvGetModuleHandle
GetDriverModuleHandle
auxGetVolume

Exports

Exports

asthjo

Sections

.code
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 918B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ef8cc4a529871aed604369651870a4e

Headers

File Characteristics

Imports

shlwapi

kernel32

advapi32

winmm

Exports

Exports

Sections

.code Size: 22KB - Virtual size: 21KB

.rdata Size: 1024B - Virtual size: 918B

.data Size: 13KB - Virtual size: 13KB

.data Size: 512B - Virtual size: 1B

.code Size: 512B - Virtual size: 1B

.rsrc Size: 512B - Virtual size: 1B

.rsrc Size: 512B - Virtual size: 1B

.rsrc Size: 1024B - Virtual size: 760B

.reloc Size: 1024B - Virtual size: 544B

.code
Size: 22KB - Virtual size: 21KB

.rdata
Size: 1024B - Virtual size: 918B

.data
Size: 13KB - Virtual size: 13KB

.data
Size: 512B - Virtual size: 1B

.code
Size: 512B - Virtual size: 1B

.rsrc
Size: 512B - Virtual size: 1B

.rsrc
Size: 512B - Virtual size: 1B

.rsrc
Size: 1024B - Virtual size: 760B

.reloc
Size: 1024B - Virtual size: 544B