115ce417c718485b84fa6f581df1b323_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

115ce417c718485b84fa6f581df1b323_JaffaCakes118
Size

181KB
MD5

115ce417c718485b84fa6f581df1b323
SHA1

53f858770057b4d8e1c84af3d4417f157cbfe8fa
SHA256

745ae36974e980bbec18536bfabd1aff723d98d6990f56fef7dff2b1f2b0a182
SHA512

14c9c76a8c7d12c9823c530ade7f708dcbe17e0e1abca810d9995e8ee26fddf98047d01d78feb6bfcf34a80f4b4509f089553f334abf844749d30420b3379868
SSDEEP

3072:KlpmlH0MDWm4iQy9noOWW2wCWRNX/TOthAo7YI7ZKqidFA6IQpt2kcX:KbqHn6iQydoOvBR/TOthARI7cqoVIUbg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
115ce417c718485b84fa6f581df1b323_JaffaCakes118

Files

115ce417c718485b84fa6f581df1b323_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b85366a1c75cc758bddbd2d1fb8ccab5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Main\Files\cfg.exe

Imports

user32

CharLowerA

shlwapi

ord29

kernel32

lstrlenA

Exports

Exports

?ConflictReason@@YGFPAUHWINSTA__@@PAUHWINEVENTHOOK__@@@Z
?QuantumProcess@@YGFPAUHWINSTA__@@PAUHWINEVENTHOOK__@@@Z

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.q1
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.q2
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.q4
Size: 1024B - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.q7
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.q6
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.q5
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.q3
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.q8
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b85366a1c75cc758bddbd2d1fb8ccab5

Headers

File Characteristics

PDB Paths

Imports

user32

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 25KB

.q1 Size: 512B - Virtual size: 28B

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 200KB

.q2 Size: 512B - Virtual size: 228B

.q4 Size: 1024B - Virtual size: 696B

.q7 Size: 26KB - Virtual size: 26KB

.q6 Size: 29KB - Virtual size: 29KB

.q5 Size: 31KB - Virtual size: 30KB

.reloc Size: 1KB - Virtual size: 1KB

.q3 Size: 29KB - Virtual size: 29KB

.q8 Size: 31KB - Virtual size: 30KB

.text
Size: 26KB - Virtual size: 25KB

.q1
Size: 512B - Virtual size: 28B

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 200KB

.q2
Size: 512B - Virtual size: 228B

.q4
Size: 1024B - Virtual size: 696B

.q7
Size: 26KB - Virtual size: 26KB

.q6
Size: 29KB - Virtual size: 29KB

.q5
Size: 31KB - Virtual size: 30KB

.reloc
Size: 1KB - Virtual size: 1KB

.q3
Size: 29KB - Virtual size: 29KB

.q8
Size: 31KB - Virtual size: 30KB