16a3a9ec394cf43664025bcb54e069b6_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

16a3a9ec394cf43664025bcb54e069b6_JaffaCakes118
Size

140KB
MD5

16a3a9ec394cf43664025bcb54e069b6
SHA1

6f87ea1be1f7069f8e0afed9049e518b2f225e34
SHA256

b16d31ad461b25feaa831c47795921e9a24ea26d86fa73bb4d21ff601c6b5e53
SHA512

79ca2d06087bf385c97195d12f828dc059242e8950d59b3cc4476ff3f0201c60948bc46d73d5515dfc1ee8de3f1bf29e5ac9c9f85e216c3773641f28d59c7a66
SSDEEP

3072:ZP1OzGgkO8zjmaqAWlewsz0jSgH7FwuOHzLKmah/WkhzkDA:ZP8zxkO8HqzlewsIjj0LsBh0A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16a3a9ec394cf43664025bcb54e069b6_JaffaCakes118

Files

16a3a9ec394cf43664025bcb54e069b6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f04012e91987c57fba6a0dd90a549d04

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsPrefixA
StrPBrkW

kernel32

CreateMutexA

user32

GetDC
IsCharAlphaNumericW

Exports

Exports

?BattleModeStepAwway@@YG_KPAU_PSP@@@Z

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.lemi
Size: 512B - Virtual size: 123B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vemi
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.temi
Size: 512B - Virtual size: 55B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.semi
Size: 512B - Virtual size: 315B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rtp2
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rtp3
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rtp2
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rtp4
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rtp1
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f04012e91987c57fba6a0dd90a549d04

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

Exports

Exports

Sections

.text Size: 50KB - Virtual size: 50KB

.lemi Size: 512B - Virtual size: 123B

.vemi Size: 512B - Virtual size: 28B

.temi Size: 512B - Virtual size: 55B

.semi Size: 512B - Virtual size: 315B

.data Size: 3KB - Virtual size: 2KB

.rtp2 Size: - Virtual size: 4KB

.rtp3 Size: 20KB - Virtual size: 20KB

.rtp2 Size: 24KB - Virtual size: 24KB

.rtp4 Size: 25KB - Virtual size: 24KB

.rtp1 Size: - Virtual size: 68KB

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 50KB - Virtual size: 50KB

.lemi
Size: 512B - Virtual size: 123B

.vemi
Size: 512B - Virtual size: 28B

.temi
Size: 512B - Virtual size: 55B

.semi
Size: 512B - Virtual size: 315B

.data
Size: 3KB - Virtual size: 2KB

.rtp2
Size: - Virtual size: 4KB

.rtp3
Size: 20KB - Virtual size: 20KB

.rtp2
Size: 24KB - Virtual size: 24KB

.rtp4
Size: 25KB - Virtual size: 24KB

.rtp1
Size: - Virtual size: 68KB

.reloc
Size: 14KB - Virtual size: 13KB