039e0f9670f4226da6aa219653846aec_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

039e0f9670f4226da6aa219653846aec_JaffaCakes118
Size

468KB
MD5

039e0f9670f4226da6aa219653846aec
SHA1

72be63ab00146f6edf34b979a76eeb3b409653db
SHA256

73f02b83c78f80773e33f1cd1fae293e511e78ae6adeb0dc1d32c19e21c9d4e8
SHA512

4a9cb9791e6b8c1fcca2bde535e02fca685506ab35554eb11b27ccd49423a10a9e6bee379768798e36e62fb6a50e733b63a322cbc7e2fbc80ff8e07ccfed1020
SSDEEP

12288:/DkD7rjhCWrVEVcQZAaGwtk9ULHzvfICENAXIOuzuFcXxFZ:rMsWrkvZhHjvfIm0F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
039e0f9670f4226da6aa219653846aec_JaffaCakes118

Files

039e0f9670f4226da6aa219653846aec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Exports

Exports

@@Dfcontrol@Finalize
@@Dfcontrol@Initialize
@@Execryptor@Finalize
@@Execryptor@Initialize
@@Rypasswords@Finalize
@@Rypasswords@Initialize
__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: - Virtual size: 328KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

8tcxnz9v
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 31KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jvfix72f
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

6mz0delq
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

g996s8o.
Size: - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

3d38fjb6
Size: 432KB - Virtual size: 436KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

izwy.6mp
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f433e7fcc51e68080022754836705744

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: - Virtual size: 328KB

.data Size: - Virtual size: 88KB

.tls Size: - Virtual size: 4KB

.rdata Size: - Virtual size: 4KB

8tcxnz9v Size: - Virtual size: 8KB

.didata Size: 512B - Virtual size: 4KB

.edata Size: 1KB - Virtual size: 4KB

.rsrc Size: 31KB - Virtual size: 40KB

jvfix72f Size: - Virtual size: 20KB

6mz0delq Size: - Virtual size: 4KB

g996s8o. Size: - Virtual size: 228KB

3d38fjb6 Size: 432KB - Virtual size: 436KB

izwy.6mp Size: 512B - Virtual size: 4KB

.text
Size: - Virtual size: 328KB

.data
Size: - Virtual size: 88KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: - Virtual size: 4KB

8tcxnz9v
Size: - Virtual size: 8KB

.didata
Size: 512B - Virtual size: 4KB

.edata
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 31KB - Virtual size: 40KB

jvfix72f
Size: - Virtual size: 20KB

6mz0delq
Size: - Virtual size: 4KB

g996s8o.
Size: - Virtual size: 228KB

3d38fjb6
Size: 432KB - Virtual size: 436KB

izwy.6mp
Size: 512B - Virtual size: 4KB