045ad809082263cd83d7ade866b0cbf4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

045ad809082263cd83d7ade866b0cbf4_JaffaCakes118
Size

522KB
MD5

045ad809082263cd83d7ade866b0cbf4
SHA1

3b270c9d6f947c37636870109bd5ca52118f0eff
SHA256

9fa7fba0c19d1a424e3123254d6f1d36a776b355894e9ec620f465f38c11dedc
SHA512

4e8de5e2ff34b8a08db29e0d94d5e8b75ea7b20889e0bb6cb102d6fd5e7b1b2f039793cf94263f08b7529cdfa364c84360c08ea1e674531f31e9324c5878232a
SSDEEP

12288:jALNmfp6fGTMfSm04PAeCo13KOyDev8N36D:sMp6fGo674PAzc3KtDevY6D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
045ad809082263cd83d7ade866b0cbf4_JaffaCakes118

Files

045ad809082263cd83d7ade866b0cbf4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Exports

Exports

@@Dfcontrol@Finalize
@@Dfcontrol@Initialize
@@Execryptor@Finalize
@@Execryptor@Initialize
@@Rypasswords@Finalize
@@Rypasswords@Initialize
__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: - Virtual size: 332KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

i25xjl5s
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 31KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

b.45bng3
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

19ivk2ay
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

avj2f4ms
Size: - Virtual size: 292KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

clc63c5j
Size: 486KB - Virtual size: 488KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

2caldtxo
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f433e7fcc51e68080022754836705744

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: - Virtual size: 332KB

.data Size: - Virtual size: 44KB

.tls Size: - Virtual size: 4KB

.rdata Size: - Virtual size: 4KB

i25xjl5s Size: - Virtual size: 8KB

.didata Size: 1024B - Virtual size: 4KB

.edata Size: 1KB - Virtual size: 4KB

.rsrc Size: 31KB - Virtual size: 40KB

b.45bng3 Size: - Virtual size: 20KB

19ivk2ay Size: - Virtual size: 4KB

avj2f4ms Size: - Virtual size: 292KB

clc63c5j Size: 486KB - Virtual size: 488KB

2caldtxo Size: 512B - Virtual size: 4KB

.text
Size: - Virtual size: 332KB

.data
Size: - Virtual size: 44KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: - Virtual size: 4KB

i25xjl5s
Size: - Virtual size: 8KB

.didata
Size: 1024B - Virtual size: 4KB

.edata
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 31KB - Virtual size: 40KB

b.45bng3
Size: - Virtual size: 20KB

19ivk2ay
Size: - Virtual size: 4KB

avj2f4ms
Size: - Virtual size: 292KB

clc63c5j
Size: 486KB - Virtual size: 488KB

2caldtxo
Size: 512B - Virtual size: 4KB