3904e71b69d05368e3af53443a032024_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3904e71b69d05368e3af53443a032024_JaffaCakes118
Size

228KB
MD5

3904e71b69d05368e3af53443a032024
SHA1

b7c7a85150dcb424bb3185b12c2d998bf9eea717
SHA256

84358878f52f4ca960776390ad612e639881ded55995123f845625006d9b7301
SHA512

3a8143fd0c7cd66718f246406a7aff760af45721c7ddc15ed859989c31888e7bf71363fdcb80cd7e1be719fc91043d0d8b6580060212ec8f4cfe41997243237c
SSDEEP

6144:wXamaCycwc9pMda244LD+WiQ1YI1mr6Gv+f:+amaCfwc/YlLLStxW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3904e71b69d05368e3af53443a032024_JaffaCakes118

Files

3904e71b69d05368e3af53443a032024_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Opal gox\Jismlayoh\Bedscay.pdb

Exports

Exports

?AideHowkOssaMaidEgoschitLoopEmirAlowSaulnippe@@YGXU_SYSTEMTIME@@ACUAlumKemp@@PCUtagWNDCLASSW@@IK@Z
?AilsheroOkehnullHiltHarklubeup@@YGXACKD@Z
?AlmsBrosMercgobsYoghJazzxystMakoEdgyRamstaosegadboarGetahm@@YGXACI@Z
?AweeFykeRapeFretwinkLotinu@@YGXACMUtagLOGBRUSH@@ULazegrimTakapod@@UCritvileden@@EPCE@Z
?AyeshoveDorkreambunow@@YGXPCUtagMSG@@UPinaBangSootDyerka@@PCUSnobJoeswog@@DACMPCULichdeneChatdamnMummhm@@J@Z
?BitsRelycalxWoesPsstToolCoffViesDutyEarsbrosTermTarsgownpry@@YGXACUtagLOGFONTW@@0PCG@Z
?BozoComaLooscalkGrubion@@YGXPCUtagLOGBRUSH@@AC_W@Z
?ButtoinkDawsTwaeAgmahaloKoraNeckbah@@YGEACDACUBrinJaukLiongybeab@@MI@Z
?DewsCuntcepki@@YGGXZ
?FinsOttooatsPikakepiDuctKirnjubawartwaryzip@@YGGACUtagBITMAP@@UBodyorcavetojugaPushted@@PCGPCE@Z
?FlamEnufRebsWaurbe@@YGK_WPCEUtagLOGPALETTE@@PCU_SECURITY_ATTRIBUTES@@ACJ@Z
?HoysMemsKaphwatmo@@YGGUOldsDecoRindPolscwmis@@ACUParskneepicakiwioi@@ACUtagMSG@@ACUSotsToftlug@@G@Z
?JivepapsAgasbunnTwintintCloymeatKepiAmiddaisShadSithToombigstao@@YGEACUKillhoerMinaJibsRhus@@UFiveAlpsin@@I@Z
?LoupSojamartJetsDeniSildPionalaedotsoms@@YGGPCUMitymorasoli@@PCJACKPCM@Z
?MallEyrydebtEyregiftViewMugsCaloMercTanstourPolySootFiatlie@@YGGPC_W@Z
?MonyMurrBrowLamegrinFizzLavenewsBytewhupSykeFuelNaoirub@@YGEXZ
?OrdoCallAxisossaToryheloughsGoof@@YGGACEPCH@Z
?RestpitsjowsNodiajeeLodetutif@@YGXUCymeYepsdeys@@PCUJadeKnappopmm@@ACUHarmbangabosDies@@ACGUDotsOinkPursBeau@@PCG@Z
?RileTikijinnmojohogsTostmaletheeFritrheaDouxForkweakinnmy@@YGKUWaffIcesRielboyojo@@PCHG@Z
?RimeTillFlubDagoouphGodszitsHaemCurrOnlyitch@@YGK_WACUtagMSG@@PCH@Z
?Seekmaltsubs@@YGEACUKaguSoilGivetipna@@ACE@Z
?SwamabosLatsRibsSnugWordNoilIdolprofAidereddeye@@YGXUtagSIZE@@PCUKuespantElmyTorcerrho@@H@Z
?SwayAverSpecToolJadeTorrTenswalkjumphoveTrogJokePelesuqnu@@YGGXZ
?UrdsdawkmaltWortCameSpudlotsRobsCadsmuniNibser@@YGEPCUIambPeansh@@ACI@Z
?VeinSoftdawtoy@@YGGACDPCIAC_WACG@Z
?WantturfsorbPisoLoftBeefsorbGripaw@@YGXXZ
?WineUtasGorpGringo@@YGXPCM@Z
?WolfjoeyrapeEgerchinbapsBetsManoceteBoysmilswartSithHularias@@YGEUBeessadon@@MK@Z
?ZetabattFunkFowlbeadhowlLobsWeptshhre@@YGKACUDateTelawhit@@PCD@Z
Aeryfreeoastyen
AxalSeemhopegelah
BeerdeadGowdLobs
BledVelatethJoltYowedatobhutKoasSirsBamsHinsgolfFeedSabsactli
BranSoleGift
BuraPacsyaffPechaxestapaw
CallVangBoderungfaveSawsOpesSealhetsAtesdoomSewnScarmolalast
ClonHopsOmitHetsRoomowsetoraSapsKelpYlemBlotHeilwhipeve
CystMirkJigsmerksizyMemePileBlipTepaSnogCogsJoeyarb
DelsPiliYaupGlueGaolGuysdukeTassBaudSetaEgadComaZinemim
EathseepHestIdolMummariaFadsMoskNimseelsEcusqi
EllsEtnatrimengby
EmictackconkawnyArmyKerfEasykailPrezBoosTzarslagsilkSiftNipswo
FealPerisandEvenrulepoosAriaVrowOralTeamcrabEcusTorewok
FledoximdenyWhitdoesdrawLaicJeanUrpsLambhypsPulaPacalaceeft
FoilTrioCalmCoaxVialArmyflicnegsfeudkosspigpa
FowlbiteTollgagaDillGuruLociPartStatbapde
GabyNegsLekuBevyGeumPirnHuckstowtrimzekhi
GlugSlapAmidCruxglopInbytotscodespy
GoalGoodDeesPestBodePubsFursviewGied
HakuFolkup
HighCepemabeknitNerdbrayBoldtookcarktutsBaitOdeaCoteabrine
HuicEyedbiseKonkhighno
JinsLumpnapsRoesuh
KaesRoomPixyCellAgiomiggRifsLaneSwam
KhetPoissin
KirkcineLullBuoyoi
KyatPledGlimnounOkesKegsfursCashlobeNiceHastpeeporemi
LimaBillmolemileSmutArtshug
LostfurlchamshahFubsRoveHereCropGarsmonsPairforkseepsineegg
MintMojoCubePocoCwmsPoloclefTwitStotRoaddogyShaylesssom
OgeeLameRealYogiDemeabasEyneCoryMeadglambabuquinBeepVeinsobhm
PatsWavyAgeePuntPeassibsqueyFemsBahtButedoxyLineokayoot
PortFlicsoakVrowlyeai
RimehomowaretoneSongBothGulpwaveTopsicesfycerangxu
SarigaumFoinWaretoleWimpLuckjinskafsProaMiry
ShooRuerGnusGiveexedigluGratYawpCoxaFutzslurFoinyum
SothPullBraybermRimyslugShahgawkcigsfeu
SughhinsetnaYaksThen
TainkorsTyrobeenlogoScotjo
ToilEgisceesbuhrLeetBuckJerkerstLiltSnugpopeFootquagPoufjogox
VimsbubuYodsnoirstepreshZebuain
YelkEsneSoonGoadSallbuzzJucoPulsoy

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xsw
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_MEM_READ

.edc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

PDB Paths

Exports

Exports

Sections

.text Size: 101KB - Virtual size: 100KB

.data Size: 31KB - Virtual size: 30KB

.xsw Size: 16KB - Virtual size: 16KB

.edc Size: 39KB - Virtual size: 39KB

.reloc Size: 32KB - Virtual size: 31KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 101KB - Virtual size: 100KB

.data
Size: 31KB - Virtual size: 30KB

.xsw
Size: 16KB - Virtual size: 16KB

.edc
Size: 39KB - Virtual size: 39KB

.reloc
Size: 32KB - Virtual size: 31KB

.rsrc
Size: 7KB - Virtual size: 6KB