f5eade965124253a0173e81ea951ad17_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f5eade965124253a0173e81ea951ad17_JaffaCakes118
Size

460KB
MD5

f5eade965124253a0173e81ea951ad17
SHA1

3a3db3cd1421b26233f436f2acfd933897f16a92
SHA256

ad956e1181935dd123ddd1117dd5ea19fcc3aebd5283870584bc48ddf1f1d5dd
SHA512

c1ca316773445c07bceddeb9ebd2fd68e85cd5c70b9bd21118a53bad48cdc1fee0ae873fc6f5008827d9b5ae57c19f5cb291e7fc7b06527c130a67a6b456fd0c
SSDEEP

12288:haEJ8pW9FPNTbWwrrqkBFU+4jdKnBSXVP:/J8+FVTbWwfqkChXV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5eade965124253a0173e81ea951ad17_JaffaCakes118

Files

f5eade965124253a0173e81ea951ad17_JaffaCakes118
.exe windows:4 windows x86 arch:x86

39f5d0f172ae5887543fcfe890912205

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetComputerNameA
GetCurrentActCtx
BuildCommDCBW
GetDefaultCommConfigA
SetWaitableTimer
TransmitCommChar
lstrcmpW
GetSystemDefaultLangID
Heap32ListNext
FreeConsole
LoadLibraryA
GetLastError
RaiseException
InterlockedExchange
FreeLibrary
GetProcAddress
LocalAlloc

msvcrt

memcpy
memset
exit
perror
fgetws

mprapi

MprAdminInterfaceGetInfo

Exports

Exports

_wWinMain@16

Sections

.text
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 65B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.erloc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT4
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt1
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

q4nOE
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bbbb
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39f5d0f172ae5887543fcfe890912205

Headers

File Characteristics

Imports

kernel32

msvcrt

mprapi

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 90KB

.idata Size: 4KB - Virtual size: 65B

.rdata Size: 4KB - Virtual size: 1KB

.pdata Size: 4KB - Virtual size: 9KB

CODE Size: 104KB - Virtual size: 102KB

.erloc Size: 48KB - Virtual size: 45KB

.CRT4 Size: 72KB - Virtual size: 68KB

.crt1 Size: 28KB - Virtual size: 27KB

q4nOE Size: 28KB - Virtual size: 27KB

DATA Size: 60KB - Virtual size: 58KB

bbbb Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 272B

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 92KB - Virtual size: 90KB

.idata
Size: 4KB - Virtual size: 65B

.rdata
Size: 4KB - Virtual size: 1KB

.pdata
Size: 4KB - Virtual size: 9KB

CODE
Size: 104KB - Virtual size: 102KB

.erloc
Size: 48KB - Virtual size: 45KB

.CRT4
Size: 72KB - Virtual size: 68KB

.crt1
Size: 28KB - Virtual size: 27KB

q4nOE
Size: 28KB - Virtual size: 27KB

DATA
Size: 60KB - Virtual size: 58KB

bbbb
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 272B

.reloc
Size: 4KB - Virtual size: 1KB