214ba52c1fe0615bdf8b110de5a54800_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

214ba52c1fe0615bdf8b110de5a54800_JaffaCakes118
Size

106KB
MD5

214ba52c1fe0615bdf8b110de5a54800
SHA1

8d14c8471ad2ddea020c6283118c8031ce7f7194
SHA256

4a98211c5559002c943be44e52f37e9362b06f3e384625735e2170ef215c7edc
SHA512

d7f95da24b99e6e347cd64c508460f8b747cc110d3fef4667d59bd8894a97f72a4dab5b11b9f48649185f0248170b38b77ab5ae3d21da2d9665cbd347d763599
SSDEEP

1536:pDfF/yYugpJ+BsxKlb0Tz7OOFGHWy4TmQsdLB8Hdez8VmF2jbxWGq6:pDf1y0pJTxKZUOOcICBU+QS2jbxWGq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
214ba52c1fe0615bdf8b110de5a54800_JaffaCakes118

Files

214ba52c1fe0615bdf8b110de5a54800_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5c816f782089ba87e6c5909e0d63297b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
CreateProcessA
DeleteFileA
EnumResourceLanguagesA
EnumResourceNamesA
EnumResourceTypesA
FindResourceExA
FormatMessageA
FreeLibrary
FreeResource
GetCurrentDirectoryA
GetExitCodeProcess
GetFileAttributesA
GetFileInformationByHandle
GetLastError
GetModuleFileNameA
GetPrivateProfileSectionA
GetShortPathNameA
GetSystemInfo
GetSystemTime
GetTempFileNameA
GetTempPathA
GetTickCount
CreateDirectoryA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
LoadLibraryExA
LoadResource
LockResource
MapViewOfFile
MoveFileA
ReadFile
SetFileAttributesA
SetLastError
SizeofResource
UnmapViewOfFile
WriteFile
WritePrivateProfileSectionA
_lclose
_llseek
_lread
_lwrite
VirtualAllocEx
CreateFileW
GetVersionExA
CopyFileA

user32

LoadIconA

advapi32

RegOpenKeyExA

Sections

.text4
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text3
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5c816f782089ba87e6c5909e0d63297b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text4 Size: 2KB - Virtual size: 2KB

.text3 Size: 2KB - Virtual size: 2KB

.text2 Size: 2KB - Virtual size: 2KB

.text Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 184B

.data Size: 68KB - Virtual size: 68KB

.rsrc Size: 24KB - Virtual size: 100KB

.text4
Size: 2KB - Virtual size: 2KB

.text3
Size: 2KB - Virtual size: 2KB

.text2
Size: 2KB - Virtual size: 2KB

.text
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 184B

.data
Size: 68KB - Virtual size: 68KB

.rsrc
Size: 24KB - Virtual size: 100KB