0dbcabafefa6e30ce6e9560430523d14_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0dbcabafefa6e30ce6e9560430523d14_JaffaCakes118
Size

208KB
MD5

0dbcabafefa6e30ce6e9560430523d14
SHA1

48fa51b2624c4f166dfc78783c53a45130a05767
SHA256

dc13d40feb43ba5c4a559ed9d0962440f7fc9855f2d8009b0516267491262a9c
SHA512

e6c0a937015c1e6fef995cb82874f6777ab25ba035f695d2b208486c295b0c4252bbfe27aaec142a8caa6b2e216f9903b8e4066f2b4fa03895100b905ff0e796
SSDEEP

6144:nnS6BJ0rTqSZEWujlbNFkl3nA014nYCcNNB:nnS6B6rmuEdJZFkl3AZYnNB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0dbcabafefa6e30ce6e9560430523d14_JaffaCakes118

Files

0dbcabafefa6e30ce6e9560430523d14_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d93e96dff7aea0d2632600dc7651e408

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shlwapi

PathGetCharTypeA
SHDeleteKeyA
SHQueryInfoKeyA
SHQueryValueExA

user32

SetScrollPos
SetScrollInfo
SetRect

gdi32

SelectObject
LineTo
GetObjectA
SetBkColor
GetDIBColorTable
GetRgnBox
GetDIBits

kernel32

VirtualAllocEx
ExitThread
GetProcAddress
GetCommandLineW
IsBadHugeReadPtr
GlobalAlloc
GetCommandLineA
LoadLibraryA
GetModuleHandleA
IsBadReadPtr
ExitProcess
LocalAlloc
LoadLibraryExA
GetVersionExA

Sections

CODE
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RSRC4
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RSRC8
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RSRC5
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RSRC1
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RSRC6
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RSRC3
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d93e96dff7aea0d2632600dc7651e408

Headers

File Characteristics

Imports

shlwapi

user32

gdi32

kernel32

Sections

CODE Size: 59KB - Virtual size: 58KB

DATA Size: 136KB - Virtual size: 135KB

RSRC4 Size: 2KB - Virtual size: 1KB

RSRC8 Size: 2KB - Virtual size: 1KB

RSRC5 Size: 2KB - Virtual size: 1KB

RSRC1 Size: 1KB - Virtual size: 1KB

RSRC6 Size: 1KB - Virtual size: 1KB

RSRC3 Size: 2KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 936B

CODE
Size: 59KB - Virtual size: 58KB

DATA
Size: 136KB - Virtual size: 135KB

RSRC4
Size: 2KB - Virtual size: 1KB

RSRC8
Size: 2KB - Virtual size: 1KB

RSRC5
Size: 2KB - Virtual size: 1KB

RSRC1
Size: 1KB - Virtual size: 1KB

RSRC6
Size: 1KB - Virtual size: 1KB

RSRC3
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 936B