05b2c108d3e916e5a802b77550bfd1b0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

05b2c108d3e916e5a802b77550bfd1b0_JaffaCakes118
Size

20.0MB
MD5

05b2c108d3e916e5a802b77550bfd1b0
SHA1

501cb6aefbda664f02a0bc0f4f621905ebc0f94b
SHA256

5af9f11f5a5298c93a61f26358b0ca829712d4d9dc774c3791f5444cf20dd76b
SHA512

86b449008364691ac8d2e50cb94aec0baac931bf312b9917ae9db493e8dd7388faf11b220a65bcca221fa866ed0d756a064ee00a73b5bee4684d17fbf87f4ce2
SSDEEP

393216:5PIAUuE3lsXvobZzg0KBLKimdhqn6oZgucd0fTsvXcRrK7bkNbxP6aJKjq0gUFFX:JARyKzhimdhq6GvXTs6+kdxPXyxg4sza

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05b2c108d3e916e5a802b77550bfd1b0_JaffaCakes118

Files

05b2c108d3e916e5a802b77550bfd1b0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

15dc1b2eb1b58df93a969d6fc9bce4a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
LCMapStringA
GetStringTypeW
GetLastError
MultiByteToWideChar
SetEndOfFile
HeapReAlloc
LoadLibraryA
GetStringTypeA
GetProcAddress
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
ReadFile
TerminateProcess
GetCurrentProcess
SetFilePointer
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
SetStdHandle
FlushFileBuffers
CloseHandle
CreateFileA
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
LCMapStringW

user32

GetDesktopWindow

gdi32

GetClipRgn
GetBkMode

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4.3MB - Virtual size: 68.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

JSVEQA
Size: 4KB - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

JLTOPAQ
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

C5UWFT
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

XCEL85M
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

IWRBHNY
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

WMIEJQ
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RTZHUSB
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

K5STA0
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Q173WE
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UGOHLQJ
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

R2S6PB
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

HCTQUL
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

TMYEVWX
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

IYOD87T
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

VL9IL4F
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

OLIUQV
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PYEBH0O
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

OXGRBT
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

TENU5U
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

FF89B3
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

JMF07OB
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

LX8AOR
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

XCOSQK
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

YMEJWE5
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

YFIPTEW
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SYEGBKR
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

OFG984
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Q6SXELW
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

H2XKZM3
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15dc1b2eb1b58df93a969d6fc9bce4a2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 36KB - Virtual size: 32KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4.3MB - Virtual size: 68.4MB

JSVEQA Size: 4KB - Virtual size: 2B

JLTOPAQ Size: 4KB - Virtual size: 2KB

C5UWFT Size: 4KB - Virtual size: 2KB

XCEL85M Size: 4KB - Virtual size: 2KB

IWRBHNY Size: 4KB - Virtual size: 2KB

WMIEJQ Size: 4KB - Virtual size: 2KB

RTZHUSB Size: 4KB - Virtual size: 2KB

K5STA0 Size: 4KB - Virtual size: 2KB

Q173WE Size: 4KB - Virtual size: 2KB

UGOHLQJ Size: 4KB - Virtual size: 2KB

R2S6PB Size: 4KB - Virtual size: 2KB

HCTQUL Size: 4KB - Virtual size: 2KB

TMYEVWX Size: 4KB - Virtual size: 2KB

IYOD87T Size: 4KB - Virtual size: 2KB

VL9IL4F Size: 4KB - Virtual size: 2KB

OLIUQV Size: 4KB - Virtual size: 2KB

PYEBH0O Size: 4KB - Virtual size: 2KB

OXGRBT Size: 4KB - Virtual size: 2KB

TENU5U Size: 4KB - Virtual size: 2KB

FF89B3 Size: 4KB - Virtual size: 2KB

JMF07OB Size: 4KB - Virtual size: 2KB

LX8AOR Size: 4KB - Virtual size: 2KB

XCOSQK Size: 4KB - Virtual size: 2KB

YMEJWE5 Size: 4KB - Virtual size: 2KB

YFIPTEW Size: 4KB - Virtual size: 2KB

SYEGBKR Size: 4KB - Virtual size: 2KB

OFG984 Size: 4KB - Virtual size: 2KB

Q6SXELW Size: 4KB - Virtual size: 2KB

H2XKZM3 Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 36KB - Virtual size: 32KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4.3MB - Virtual size: 68.4MB

JSVEQA
Size: 4KB - Virtual size: 2B

JLTOPAQ
Size: 4KB - Virtual size: 2KB

C5UWFT
Size: 4KB - Virtual size: 2KB

XCEL85M
Size: 4KB - Virtual size: 2KB

IWRBHNY
Size: 4KB - Virtual size: 2KB

WMIEJQ
Size: 4KB - Virtual size: 2KB

RTZHUSB
Size: 4KB - Virtual size: 2KB

K5STA0
Size: 4KB - Virtual size: 2KB

Q173WE
Size: 4KB - Virtual size: 2KB

UGOHLQJ
Size: 4KB - Virtual size: 2KB

R2S6PB
Size: 4KB - Virtual size: 2KB

HCTQUL
Size: 4KB - Virtual size: 2KB

TMYEVWX
Size: 4KB - Virtual size: 2KB

IYOD87T
Size: 4KB - Virtual size: 2KB

VL9IL4F
Size: 4KB - Virtual size: 2KB

OLIUQV
Size: 4KB - Virtual size: 2KB

PYEBH0O
Size: 4KB - Virtual size: 2KB

OXGRBT
Size: 4KB - Virtual size: 2KB

TENU5U
Size: 4KB - Virtual size: 2KB

FF89B3
Size: 4KB - Virtual size: 2KB

JMF07OB
Size: 4KB - Virtual size: 2KB

LX8AOR
Size: 4KB - Virtual size: 2KB

XCOSQK
Size: 4KB - Virtual size: 2KB

YMEJWE5
Size: 4KB - Virtual size: 2KB

YFIPTEW
Size: 4KB - Virtual size: 2KB

SYEGBKR
Size: 4KB - Virtual size: 2KB

OFG984
Size: 4KB - Virtual size: 2KB

Q6SXELW
Size: 4KB - Virtual size: 2KB

H2XKZM3
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 3KB