efd893317769f1c6266f867fae03c1b2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

efd893317769f1c6266f867fae03c1b2_JaffaCakes118
Size

37KB
MD5

efd893317769f1c6266f867fae03c1b2
SHA1

8ba49b55213493741e1501dd5637033bf3b9ec73
SHA256

8520d0983a20add2462073c53aad6ce01f8a45ef476300ded372b78953ee02ec
SHA512

b6630b78dc8be1326031a55b6385b46dbf2269f5c8cbe7b4d95c772dbfa93b86e17c41fc72056eca78e225e54579c28394075d39333dc1c503d9a181f5395c95
SSDEEP

768:rcX72Te5+R+hCOmbybRstNtYczwCTt+8/:wX7w6+R1btbzw0A8/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efd893317769f1c6266f867fae03c1b2_JaffaCakes118

Files

efd893317769f1c6266f867fae03c1b2_JaffaCakes118
.exe windows:1 windows x86 arch:x86

78a6bdd5f23a906c5679213589376c67

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
HeapDestroy
LoadLibraryW
SetFilePointer
ExitProcess
InterlockedIncrement
GetModuleHandleA
GetLastError
UnhandledExceptionFilter
LocalFree
HeapFree
GetCurrentThreadId
GetACP
GetCommandLineW
LeaveCriticalSection
GetProcessHeap
GetProcessHeap
CreateFileW
WaitForSingleObject
lstrcmpiW
MultiByteToWideChar
VirtualAlloc
UnhandledExceptionFilter
GetTickCount
lstrlenW
LocalFree
SetLastError
WideCharToMultiByte
LoadLibraryA
LoadLibraryW
SetUnhandledExceptionFilter
HeapDestroy
GetACP
HeapAlloc
GetModuleHandleA
GetTickCount
GetVersionExA
CreateThread
FreeLibrary
LocalAlloc
HeapFree
ReadFile
InterlockedIncrement
FreeLibrary
TerminateProcess

Sections

.text
Size: 28KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.gdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

78a6bdd5f23a906c5679213589376c67

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 28KB - Virtual size: 48KB

.adata Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.fdata Size: 512B - Virtual size: 4KB

.idata Size: 1KB - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.data Size: 2KB - Virtual size: 2KB

.gdata Size: 512B - Virtual size: 24B

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 28KB - Virtual size: 48KB

.adata
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.fdata
Size: 512B - Virtual size: 4KB

.idata
Size: 1KB - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 2KB

.gdata
Size: 512B - Virtual size: 24B

.rsrc
Size: 1024B - Virtual size: 4KB