0373ee4a240448a87a6a318eb106d1ec_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0373ee4a240448a87a6a318eb106d1ec_JaffaCakes118
Size

186KB
MD5

0373ee4a240448a87a6a318eb106d1ec
SHA1

e08d93362973f59f4b305d6f0563d8b2a2003bc0
SHA256

612543601a4867be51d8b9eaf1017b2ceed064b960452a269cf0937d3c3a7e5d
SHA512

c688b44de4a0b800eef732917af78a80a1bbd71920b30730dae1e2885102de6c00c1e5c985b2ae54fabfc9742ecd202b904e7e299bdf0b3f39db363a9c1c7019
SSDEEP

3072:bUN7XKvlwuupdhCDkeKn7KhcjVVAfs6GHpKg2Lmhb1qaD35aM5CnvTUDxH3dJN76:Qp2wP7qkZKhoZ7ZqO5IvIDlNVkVtLHuc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0373ee4a240448a87a6a318eb106d1ec_JaffaCakes118

Files

0373ee4a240448a87a6a318eb106d1ec_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c0dcac3f5ebe5a3c502a3732c67d7e71

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemWindowsDirectoryW

Exports

Exports

RenameChange
?RenameCommand@@YGPAEPAXJ@Z
?RenameFortation@@YGPAEPAXJ@Z
?RenameHerbal@@YGPAEPAXJ@Z
?RenameLoadMac@@YGPAEPAXJ@Z
?RenameOptimize@@YGPAEPAXJ@Z
?RenameTest@@YGPAEPAXJ@Z

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.conas
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.const
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ts050
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ts040
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ts030
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ts020
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ts010
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c0dcac3f5ebe5a3c502a3732c67d7e71

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 25KB - Virtual size: 25KB

.conas Size: 512B - Virtual size: 64B

.const Size: 512B - Virtual size: 64B

.data Size: 2KB - Virtual size: 2KB

.ts050 Size: 15KB - Virtual size: 15KB

.ts040 Size: 30KB - Virtual size: 30KB

.ts030 Size: 38KB - Virtual size: 37KB

.ts020 Size: 30KB - Virtual size: 30KB

.ts010 Size: 38KB - Virtual size: 37KB

.rsrc Size: 2KB - Virtual size: 208KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 25KB - Virtual size: 25KB

.conas
Size: 512B - Virtual size: 64B

.const
Size: 512B - Virtual size: 64B

.data
Size: 2KB - Virtual size: 2KB

.ts050
Size: 15KB - Virtual size: 15KB

.ts040
Size: 30KB - Virtual size: 30KB

.ts030
Size: 38KB - Virtual size: 37KB

.ts020
Size: 30KB - Virtual size: 30KB

.ts010
Size: 38KB - Virtual size: 37KB

.rsrc
Size: 2KB - Virtual size: 208KB

.reloc
Size: 2KB - Virtual size: 1KB