f0118c4e79b3189a37ee198a3a3ca557_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f0118c4e79b3189a37ee198a3a3ca557_JaffaCakes118
Size

118KB
MD5

f0118c4e79b3189a37ee198a3a3ca557
SHA1

b5f8b7c6596b31c3424999adc8ee4be764e99cc9
SHA256

d2fa8a12604abd3186f7afcb845bed492633c987f08778c48271a8d83ea0221e
SHA512

227c477d0aaa0cfcf7b73719f40d31bd2391b7e1ce784162878dac4e0cb7fea6e468e1a6d38c0e290c615a543a8cd0537d8b2d5dc554bdaf4e5535fe98424518
SSDEEP

768:6Gm9y22rTGl2otQolDiATGgoBd4d18OJyvTfbBGwvHnxbHqgYwMFb4KyjbY:6Gm9b2/GZjlDi6+kdYGIH1RbMFb4Xb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0118c4e79b3189a37ee198a3a3ca557_JaffaCakes118

Files

f0118c4e79b3189a37ee198a3a3ca557_JaffaCakes118
.exe windows:1 windows x86 arch:x86

95c92223c954347b68b5dac13a978730

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
LeaveCriticalSection
GetACP
QueryPerformanceCounter
GetStartupInfoW
SetFilePointer
TerminateProcess
GetCurrentThreadId
SetLastError
QueryPerformanceCounter
ReadFile
HeapAlloc
InterlockedDecrement
GetModuleFileNameA
GetModuleHandleA
UnhandledExceptionFilter
DeleteCriticalSection
LeaveCriticalSection
VirtualAlloc
lstrlenW
Sleep
GetCurrentProcessId
ReadFile
CreateFileW
FormatMessageW

Sections

.iddo
Size: 102KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.kfpu
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.htly
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.funm
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nefq
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nnni
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trie
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xlfd
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jqit
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

95c92223c954347b68b5dac13a978730

Headers

File Characteristics

Imports

kernel32

Sections

.iddo Size: 102KB - Virtual size: 120KB

.kfpu Size: 1024B - Virtual size: 4KB

.htly Size: 1KB - Virtual size: 4KB

.funm Size: 1024B - Virtual size: 4KB

.nefq Size: 512B - Virtual size: 4KB

.nnni Size: 512B - Virtual size: 4KB

.trie Size: 512B - Virtual size: 4KB

.xlfd Size: 6KB - Virtual size: 5KB

.rsrc Size: 2KB - Virtual size: 4KB

.jqit Size: 1024B - Virtual size: 4KB

.iddo
Size: 102KB - Virtual size: 120KB

.kfpu
Size: 1024B - Virtual size: 4KB

.htly
Size: 1KB - Virtual size: 4KB

.funm
Size: 1024B - Virtual size: 4KB

.nefq
Size: 512B - Virtual size: 4KB

.nnni
Size: 512B - Virtual size: 4KB

.trie
Size: 512B - Virtual size: 4KB

.xlfd
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 2KB - Virtual size: 4KB

.jqit
Size: 1024B - Virtual size: 4KB