2a5d176b646631e5a7c8f4fcd18c67ae_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a5d176b646631e5a7c8f4fcd18c67ae_JaffaCakes118
Size

101KB
MD5

2a5d176b646631e5a7c8f4fcd18c67ae
SHA1

fbcb999fdabda962d064c86cd101d43fd7345755
SHA256

eabc1072237a93e727927cba7315a17120ac3e2c6f9847428376f5dc430d28a8
SHA512

7c88cf25f821d294025b32ffb51ddfc2ff7ed90f0dff7ec13ec2379ce88915efd83e9dc6f11cd5db5b4d5e72babf07eac489d99431c8063e315c3a71285e1685
SSDEEP

3072:LPnz1/FShbacrDkstQdbx6vTuBGvqmNLmG:LPnI7zOdb6asvZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a5d176b646631e5a7c8f4fcd18c67ae_JaffaCakes118

Files

2a5d176b646631e5a7c8f4fcd18c67ae_JaffaCakes118
.exe windows:1 windows x86 arch:x86

ce2c02b3d1898174376efd042670ccbb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
InitializeCriticalSection
CreateThread
EnterCriticalSection
GetCurrentProcess
QueryPerformanceCounter
LoadLibraryW
GetModuleFileNameA
GetModuleHandleA
HeapFree
GetCurrentProcess
FreeLibrary
lstrlenW
GetStartupInfoW
GetModuleHandleW
ExitProcess
GetACP
SetLastError
MultiByteToWideChar
LocalAlloc
FormatMessageW
GetStartupInfoW
lstrcpyW
CloseHandle
TerminateProcess
lstrcmpiW
QueryPerformanceCounter
LocalAlloc
GetLastError
LocalFree
WriteFile
Sleep
GetCurrentThreadId
WideCharToMultiByte
SetLastError
GetTickCount
WideCharToMultiByte
GetModuleHandleA
GetCurrentThreadId
WaitForSingleObject
HeapAlloc
GetVersionExA
InitializeCriticalSection
SetUnhandledExceptionFilter
LeaveCriticalSection

Sections

.qcyf
Size: 91KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orde
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.feoa
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dljg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oilw
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ucer
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fsmf
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.efcm
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mkvd
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ce2c02b3d1898174376efd042670ccbb

Headers

File Characteristics

Imports

kernel32

Sections

.qcyf Size: 91KB - Virtual size: 96KB

.orde Size: 512B - Virtual size: 4KB

.feoa Size: 512B - Virtual size: 4KB

.dljg Size: 512B - Virtual size: 4KB

.oilw Size: 1KB - Virtual size: 4KB

.ucer Size: 512B - Virtual size: 4KB

.fsmf Size: 3KB - Virtual size: 3KB

.efcm Size: 512B - Virtual size: 12B

.mkvd Size: 1024B - Virtual size: 4KB

.qcyf
Size: 91KB - Virtual size: 96KB

.orde
Size: 512B - Virtual size: 4KB

.feoa
Size: 512B - Virtual size: 4KB

.dljg
Size: 512B - Virtual size: 4KB

.oilw
Size: 1KB - Virtual size: 4KB

.ucer
Size: 512B - Virtual size: 4KB

.fsmf
Size: 3KB - Virtual size: 3KB

.efcm
Size: 512B - Virtual size: 12B

.mkvd
Size: 1024B - Virtual size: 4KB