f6fb6e9a2befa2abf51841586b574a28_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f6fb6e9a2befa2abf51841586b574a28_JaffaCakes118
Size

411KB
MD5

f6fb6e9a2befa2abf51841586b574a28
SHA1

e704eca161da532030f6f3968be17413b9e02961
SHA256

dd7ca7aae8356f308cd584ba1f95cf2a6dc4601f6f750c247fd27934b628ef7a
SHA512

409b044bb1fc26746b260402bc30d676450ef4acbba44806c9e78b8cc891765e531bf5f98918771059f357960bd2a21e3256eb7f1fd69ad6f830764b28ba26b8
SSDEEP

6144:I0E1Wt1qGYb9hBXQBAMG7j8hac2zGGmbIt05TNEEQktFCUtOCwC5iqz4xrkElI4s:w1G1q99QeMGpcOJmbIt0dZn0ivGNK4he

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6fb6e9a2befa2abf51841586b574a28_JaffaCakes118

Files

f6fb6e9a2befa2abf51841586b574a28_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ad94e7a1ae3be2665a4921f682ec4882

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
SetThreadPriority
LoadLibraryExA
FileTimeToSystemTime
GetTempPathA
GetFileAttributesW
GetCurrentThreadId
CreateEventW
GetModuleFileNameA
GetWindowsDirectoryA
GetStdHandle
CreateMutexA
GetExitCodeThread
ResumeThread
FormatMessageW
GetCommandLineA
GlobalLock
MultiByteToWideChar
ExitProcess
GetTickCount
GetDriveTypeA
FindNextFileW
GetOEMCP
GetLastError
CreateProcessA
FindResourceW
FindResourceA
GetFileType
Sleep
VirtualAlloc
OpenMutexA
QueryPerformanceCounter
GetCurrentDirectoryW
GetACP
GetStringTypeW
GetCurrentProcessId
HeapDestroy
ClearCommError
TlsSetValue
GetExitCodeProcess
GetStringTypeA
lstrlenW
GetCurrentProcess
GetCommandLineW
GetVersion
lstrcpynA
IsDebuggerPresent
MulDiv
CloseHandle
SetLastError

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSS
Size: - Virtual size: 19.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbss
Size: - Virtual size: 19.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 369KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 309KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad94e7a1ae3be2665a4921f682ec4882

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 2KB - Virtual size: 1KB

BSS Size: - Virtual size: 19.4MB

.textbss Size: - Virtual size: 19.4MB

DATA Size: - Virtual size: 3KB

.tls Size: - Virtual size: 1KB

.tls Size: - Virtual size: 369KB

.bss Size: 309KB - Virtual size: 313KB

.rsrc Size: 98KB - Virtual size: 98KB

.text
Size: 2KB - Virtual size: 1KB

BSS
Size: - Virtual size: 19.4MB

.textbss
Size: - Virtual size: 19.4MB

DATA
Size: - Virtual size: 3KB

.tls
Size: - Virtual size: 1KB

.tls
Size: - Virtual size: 369KB

.bss
Size: 309KB - Virtual size: 313KB

.rsrc
Size: 98KB - Virtual size: 98KB