11a397ba818329dac91dcb59fa41b4bb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

11a397ba818329dac91dcb59fa41b4bb_JaffaCakes118
Size

389KB
MD5

11a397ba818329dac91dcb59fa41b4bb
SHA1

9903c709919bdd6f6f6415a116b10bc25a1bf5a7
SHA256

6d90b113e13a5dde6e6428eff44751b6e81729feab6e078df764b8d0ebe94a67
SHA512

f06e48c2c48643b5949a470e93baebb96514ff05841991c6ae9b0cc672e2015fbd665714c057b86c990f22b2c11cb65e592fe1cd9289c1c40bdee2bf10a750e1
SSDEEP

12288:ksgCUMBBa7A8unqoLIPZpkR0+MuJrf9K7i:2Ura84NRpkBBVK7i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11a397ba818329dac91dcb59fa41b4bb_JaffaCakes118

Files

11a397ba818329dac91dcb59fa41b4bb_JaffaCakes118
.exe windows:1 windows x86 arch:x86

ce8b3fc71d58f06eb8c563e2329f244f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiW
VirtualFree
GetModuleFileNameA
ReadFile
CreateThread
HeapAlloc
LocalFree
ReadFile
FreeLibrary
ReadFile
FreeLibrary
GetModuleHandleA
VirtualAlloc
lstrcpyW
lstrcmpiW
LocalFree
GetModuleFileNameA
GetStartupInfoA
HeapDestroy
lstrcmpiW
GetCurrentProcess
GetCurrentProcessId
TerminateProcess
InitializeCriticalSection
MultiByteToWideChar
GetACP
SetFilePointer
GetStartupInfoA
CreateFileW
GetACP
SetEvent
lstrlenW
VirtualFree
HeapFree
InterlockedDecrement
VirtualAlloc
GetCurrentProcess
VirtualFree
CreateFileW
GetTickCount
LeaveCriticalSection
WideCharToMultiByte
GetVersionExA
FreeLibrary
GetModuleHandleA
VirtualFree
VirtualFree
GetACP
WaitForSingleObject

Sections

.text
Size: 85KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.test1
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.test2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.test3
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 1024B - Virtual size: 553B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 802B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ce8b3fc71d58f06eb8c563e2329f244f

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 85KB - Virtual size: 92KB

.idata Size: 2KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 4KB

.test1 Size: 512B - Virtual size: 4KB

.test2 Size: 512B - Virtual size: 4KB

.test3 Size: 512B - Virtual size: 4KB

.data2 Size: 1024B - Virtual size: 553B

.reloc Size: 512B - Virtual size: 36B

.rsrc Size: 1024B - Virtual size: 802B

.text
Size: 85KB - Virtual size: 92KB

.idata
Size: 2KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 4KB

.test1
Size: 512B - Virtual size: 4KB

.test2
Size: 512B - Virtual size: 4KB

.test3
Size: 512B - Virtual size: 4KB

.data2
Size: 1024B - Virtual size: 553B

.reloc
Size: 512B - Virtual size: 36B

.rsrc
Size: 1024B - Virtual size: 802B