03d6411aeb14f553a7cc05eabebc37d3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

03d6411aeb14f553a7cc05eabebc37d3_JaffaCakes118
Size

50KB
MD5

03d6411aeb14f553a7cc05eabebc37d3
SHA1

967a48633bf59bc89b7d526b652e25705f1a633f
SHA256

fc8f07a736210277e2b24484641b5b5b6931abbab7aa5753c937c0d40ce096df
SHA512

216f7dc70ae5c174818862bf45b00146839c14f29873f6275b752e6e337d30d2bbdbad1ff481ba1c4e4daa27b23df9e74a72c87b8e1efd7a589bb46203f05f5a
SSDEEP

1536:p+pt3zNfsAd7ZZXbStvQ2w/GsQe6SXMK7d:p+3jf7XKvlwusQ2Xjd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03d6411aeb14f553a7cc05eabebc37d3_JaffaCakes118

Files

03d6411aeb14f553a7cc05eabebc37d3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c0dcac3f5ebe5a3c502a3732c67d7e71

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemWindowsDirectoryW

Exports

Exports

RenameChange
?RenameCommand@@YGPAEPAXJ@Z
?RenameFortation@@YGPAEPAXJ@Z
?RenameHerbal@@YGPAEPAXJ@Z
?RenameLoadMac@@YGPAEPAXJ@Z
?RenameOptimize@@YGPAEPAXJ@Z
?RenameTest@@YGPAEPAXJ@Z

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.conas
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.const
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ts050
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ts040
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ts030
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ts020
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ts010
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 655KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c0dcac3f5ebe5a3c502a3732c67d7e71

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 25KB - Virtual size: 25KB

.conas Size: 512B - Virtual size: 64B

.const Size: 512B - Virtual size: 64B

.data Size: 3KB - Virtual size: 2KB

.ts050 Size: 2KB - Virtual size: 2KB

.ts040 Size: 3KB - Virtual size: 3KB

.ts030 Size: 3KB - Virtual size: 3KB

.ts020 Size: 3KB - Virtual size: 3KB

.ts010 Size: 4KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 655KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 25KB - Virtual size: 25KB

.conas
Size: 512B - Virtual size: 64B

.const
Size: 512B - Virtual size: 64B

.data
Size: 3KB - Virtual size: 2KB

.ts050
Size: 2KB - Virtual size: 2KB

.ts040
Size: 3KB - Virtual size: 3KB

.ts030
Size: 3KB - Virtual size: 3KB

.ts020
Size: 3KB - Virtual size: 3KB

.ts010
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 655KB

.reloc
Size: 1KB - Virtual size: 1KB