12460081abe0673db0419411c997a3e6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

12460081abe0673db0419411c997a3e6_JaffaCakes118
Size

368KB
MD5

12460081abe0673db0419411c997a3e6
SHA1

0cb3ed3389ab26133c183fb3197f3480d2643226
SHA256

096ebe469ec80bb09f894de4fbc47ef487fbf00d5061a8597dd24f584fe801ef
SHA512

6f6d2fb15917870e1c762f8ab81924f3f8fb49885457c2a7eb848a53a4f5487752395bc635243d2a6acdec65aa5a438a0231131fa103b9cb0a670071238e1615
SSDEEP

6144:W2mkVvd/4NcZf5OgPGC8AEEODcTGsWyFlpnBeIFCtelJ4pIvkL4jIGGgDgqyq:GUvd/iVC8AEEOQjF7nB5steX4pITjIGn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12460081abe0673db0419411c997a3e6_JaffaCakes118

Files

12460081abe0673db0419411c997a3e6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

01e5f17a0c9529a33c59f9449914b8ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

tnod32 eset h.pdb

Imports

ole32

CLSIDFromString

kernel32

RaiseException
LoadLibraryA
lstrlenA
lstrlenW
CreateProcessW
FindCloseChangeNotification
FormatMessageA
EnumCalendarInfoExW
EnumResourceLanguagesW
GetLogicalDriveStringsW
LocalFree
LocalAlloc
GetLastError
InterlockedExchange
FreeLibrary
GetProcAddress

comdlg32

GetOpenFileNameA

msvcrt

wcscspn
wcscpy

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

btdx
Size: 4KB - Virtual size: 410B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

aqaq
Size: 4KB - Virtual size: 38B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 666KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

A3x ur
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xnr-mE_
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Yaau3dil
Size: 168KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01e5f17a0c9529a33c59f9449914b8ed

Headers

File Characteristics

PDB Paths

Imports

ole32

kernel32

comdlg32

msvcrt

Sections

.text Size: 12KB - Virtual size: 8KB

btdx Size: 4KB - Virtual size: 410B

aqaq Size: 4KB - Virtual size: 38B

.rdata Size: 76KB - Virtual size: 74KB

.data Size: 4KB - Virtual size: 666KB

A3x ur Size: 24KB - Virtual size: 22KB

xnr-mE_ Size: 36KB - Virtual size: 32KB

Yaau3dil Size: 168KB - Virtual size: 164KB

.rsrc Size: 32KB - Virtual size: 31KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 12KB - Virtual size: 8KB

btdx
Size: 4KB - Virtual size: 410B

aqaq
Size: 4KB - Virtual size: 38B

.rdata
Size: 76KB - Virtual size: 74KB

.data
Size: 4KB - Virtual size: 666KB

A3x ur
Size: 24KB - Virtual size: 22KB

xnr-mE_
Size: 36KB - Virtual size: 32KB

Yaau3dil
Size: 168KB - Virtual size: 164KB

.rsrc
Size: 32KB - Virtual size: 31KB

.reloc
Size: 4KB - Virtual size: 2KB