140bd222a90a31dc6191169b19c0fac0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

140bd222a90a31dc6191169b19c0fac0_JaffaCakes118
Size

252KB
MD5

140bd222a90a31dc6191169b19c0fac0
SHA1

fb4212570ccc2d5cd29e318a41802d0bae6f204e
SHA256

aa5b69b4b1fda36035ce3a40e97dc26fb11b6cbf4164f1fc1d3e6d40a78156a3
SHA512

ab75a76577bd164792737f3b9128688847f85e84f7e0de3acbc83a825c62724036decde16bf301ce5692594bdff9fa6f578b5a7aae2f6ee97c4883b92b0aa6b4
SSDEEP

6144:EWmNy4fNqIs9Dgtk2HJqvKtv9jN/szbV:EWl46Kt1xUzbV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
140bd222a90a31dc6191169b19c0fac0_JaffaCakes118

Files

140bd222a90a31dc6191169b19c0fac0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5bdf8d089e359b8a4e074a1344dcc3ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

GetMessageA

advapi32

RegDeleteKeyW

shell32

ShellExecuteW

crypt32

CertOpenSystemStoreW

d4token_icbc

OnKeyT_GetSlotList

ole32

CoMarshalInterface

Sections

.textbss
Size: - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp1
Size: 240KB - Virtual size: 239KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5bdf8d089e359b8a4e074a1344dcc3ed

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

crypt32

d4token_icbc

ole32

Sections

.textbss Size: - Virtual size: 69KB

.text Size: - Virtual size: 160KB

.rdata Size: - Virtual size: 32KB

.data Size: - Virtual size: 14KB

.idata Size: - Virtual size: 6KB

.rsrc Size: 8KB - Virtual size: 8KB

.vmp0 Size: - Virtual size: 142KB

.vmp1 Size: 240KB - Virtual size: 239KB

.textbss
Size: - Virtual size: 69KB

.text
Size: - Virtual size: 160KB

.rdata
Size: - Virtual size: 32KB

.data
Size: - Virtual size: 14KB

.idata
Size: - Virtual size: 6KB

.rsrc
Size: 8KB - Virtual size: 8KB

.vmp0
Size: - Virtual size: 142KB

.vmp1
Size: 240KB - Virtual size: 239KB