0211599c8f594ecccdd0eb813cf774cd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0211599c8f594ecccdd0eb813cf774cd_JaffaCakes118
Size

464KB
MD5

0211599c8f594ecccdd0eb813cf774cd
SHA1

84cf3e934ef4a0cb094e0c9beda727f135105abd
SHA256

6a501799ddc6c83bfd7ee1ded8b632c9c3f9feb3b0fc1b80bcedf1d8b6a274c2
SHA512

f3858ef4778c9ff319b0589b82a145fcb02d6c51c407a818e9d996b7493a55704e502ea5bc7e909b23011fb4869bca69529c52a5d51c49a3715d748669ed70e0
SSDEEP

12288:cM5Nrt0CWrVEVcQZAaGwtk9URHPp5AUTf9LQxQthRTjtOgLYh:LjbWrkvZhHj5wC90x+NVUh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0211599c8f594ecccdd0eb813cf774cd_JaffaCakes118

Files

0211599c8f594ecccdd0eb813cf774cd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Exports

Exports

@@Dfcontrol@Finalize
@@Dfcontrol@Initialize
@@Execryptor@Finalize
@@Execryptor@Initialize
@@Rypasswords@Finalize
@@Rypasswords@Initialize
__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: - Virtual size: 328KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

h9r56s70
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 31KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1tb2gh2y
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pfouno36
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

2jdkwv3i
Size: - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

witbtflm
Size: 428KB - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

q3s6c0s7
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f433e7fcc51e68080022754836705744

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: - Virtual size: 328KB

.data Size: - Virtual size: 88KB

.tls Size: - Virtual size: 4KB

.rdata Size: - Virtual size: 4KB

h9r56s70 Size: - Virtual size: 8KB

.didata Size: 512B - Virtual size: 4KB

.edata Size: 1KB - Virtual size: 4KB

.rsrc Size: 31KB - Virtual size: 40KB

1tb2gh2y Size: - Virtual size: 20KB

pfouno36 Size: - Virtual size: 4KB

2jdkwv3i Size: - Virtual size: 224KB

witbtflm Size: 428KB - Virtual size: 432KB

q3s6c0s7 Size: 512B - Virtual size: 4KB

.text
Size: - Virtual size: 328KB

.data
Size: - Virtual size: 88KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: - Virtual size: 4KB

h9r56s70
Size: - Virtual size: 8KB

.didata
Size: 512B - Virtual size: 4KB

.edata
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 31KB - Virtual size: 40KB

1tb2gh2y
Size: - Virtual size: 20KB

pfouno36
Size: - Virtual size: 4KB

2jdkwv3i
Size: - Virtual size: 224KB

witbtflm
Size: 428KB - Virtual size: 432KB

q3s6c0s7
Size: 512B - Virtual size: 4KB