0d88e62e0dc51229dd17ab31c65f8d30_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0d88e62e0dc51229dd17ab31c65f8d30_JaffaCakes118
Size

91KB
MD5

0d88e62e0dc51229dd17ab31c65f8d30
SHA1

0eefc768eb89bf693a4ef4b4f79eb23140bc7b36
SHA256

57778965324941033d593c128d53b3d2c0d049463ab3f129da6722bfb0f8c570
SHA512

1a8b8ae368fd99eed45cbfec51e534b720756aa99fba4b67e4f8502e6e92ac9db86ee2a2dd1566cae15c6f0885172f9a06f1bab21cf559694020e01436718e79
SSDEEP

1536:c3TJrrfPfYAXxe4/ZdX0P4AC7PXWOFlFvE02fIi1V6rklfbbE9G7VT4rIHM:eVlxe4/ZdX0PB6PXW4rvE02P1Vwklfbu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d88e62e0dc51229dd17ab31c65f8d30_JaffaCakes118

Files

0d88e62e0dc51229dd17ab31c65f8d30_JaffaCakes118
.exe windows:8 windows x86 arch:x86

3e996abba62d53530d7c25749e39a23b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UnionRect
GetKeyState

shlwapi

UrlIsW
StrRStrIW
StrToInt64ExW
ord156
UrlGetPartA
StrCatChainW
StrCmpLogicalW

kernel32

IsDBCSLeadByte

Exports

Exports

?WhileEdit@@YGXUverifyEw@CA7

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ptr
Size: 1024B - Virtual size: 683B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ecmp
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.warz
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ptv
Size: 512B - Virtual size: 41B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.warp
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.icmp
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wars
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e996abba62d53530d7c25749e39a23b

Headers

File Characteristics

Imports

user32

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 36KB

.ptr Size: 1024B - Virtual size: 683B

.ecmp Size: 8KB - Virtual size: 8KB

.warz Size: 12KB - Virtual size: 12KB

.ptv Size: 512B - Virtual size: 41B

.warp Size: 8KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 14KB

.icmp Size: 512B - Virtual size: 64B

.wars Size: 8KB - Virtual size: 8KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 36KB - Virtual size: 36KB

.ptr
Size: 1024B - Virtual size: 683B

.ecmp
Size: 8KB - Virtual size: 8KB

.warz
Size: 12KB - Virtual size: 12KB

.ptv
Size: 512B - Virtual size: 41B

.warp
Size: 8KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 14KB

.icmp
Size: 512B - Virtual size: 64B

.wars
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 3KB - Virtual size: 2KB