41d327d724ff3335ff906906e52c83b2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

41d327d724ff3335ff906906e52c83b2_JaffaCakes118
Size

319KB
MD5

41d327d724ff3335ff906906e52c83b2
SHA1

c6ca7a55ed3f9760ed6c7698cb56ad0c6136e9f3
SHA256

db3eb1a24d0edc0234f7e014c9281e5bd9cd2762e2e91e7cb7c12f212bc1afd4
SHA512

bedfba14558477dd16f7c9a32bbb966a1a212fb9deddc2832452f5569796855c9a3f00f07ebee217617be9797e6913e8944b6f6e4790b3a6636b037a91ff5efd
SSDEEP

6144:17oIVnGIC1mH3wu1HJA4ihcybavNbQ/FktRRies:1TxGIC1mAu1HWBhdavNttji

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41d327d724ff3335ff906906e52c83b2_JaffaCakes118

Files

41d327d724ff3335ff906906e52c83b2_JaffaCakes118
.exe windows:1 windows x86 arch:x86

6f21f95e0e874c5d48adc78e68283ab4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
GetLastError
CloseHandle
LoadLibraryA
GetProcAddress
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
ExitProcess
GlobalAlloc
GlobalFree
SetFilePointer
WriteFile
ReadFile
CreateFileA
FindFirstFileA
FindClose
DeleteFileA
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
GetCurrentProcess
DuplicateHandle
GetStdHandle
GetEnvironmentStrings
FreeEnvironmentStringsA
InitializeCriticalSection
DeleteCriticalSection
FindNextFileA

user32

GetPropA
IsIconic
ShowWindow
GetLastActivePopup
SetForegroundWindow
EnumWindows
MessageBoxA

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 637B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.exc
Size: 1024B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

�Z8
Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6f21f95e0e874c5d48adc78e68283ab4

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 1024B - Virtual size: 637B

.exc Size: 1024B - Virtual size: 612B

.data Size: 28KB - Virtual size: 27KB

.rsrc Size: 2KB - Virtual size: 2KB

.idata Size: 1KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 8B

.bss Size: - Virtual size: 5KB

.reloc Size: 2KB - Virtual size: 2KB

�Z8 Size: 83KB - Virtual size: 84KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 1024B - Virtual size: 637B

.exc
Size: 1024B - Virtual size: 612B

.data
Size: 28KB - Virtual size: 27KB

.rsrc
Size: 2KB - Virtual size: 2KB

.idata
Size: 1KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 8B

.bss
Size: - Virtual size: 5KB

.reloc
Size: 2KB - Virtual size: 2KB

�Z8
Size: 83KB - Virtual size: 84KB