53d514feb9f850d202c439e4ab61bc63_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

53d514feb9f850d202c439e4ab61bc63_JaffaCakes118
Size

646KB
MD5

53d514feb9f850d202c439e4ab61bc63
SHA1

bd679fbb5224e87a4f411cab4e43a264035d303c
SHA256

195994b7e03799d37845a51c854396a2c546a4ba6518b41c8a2e6516417503e1
SHA512

641915caccafd0715e151ae697f3467d2e317b0055b974d64103477a46dde2159611519403f1083d0b254e41f662b078cb960984ac3ca01cea1f3544a8c1b679
SSDEEP

12288:rNoQv8A0EA5FMqzvr3hl+l0/SzfcJg2qwhENdkJTDOLSPn5IWB7v:rpvlA5F9Ol0/YsGw4ysSP5BRv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/qd8.exe

Files

53d514feb9f850d202c439e4ab61bc63_JaffaCakes118
.rar
qd8.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EurekaLog_PasswordRequestEvent
ExceptionManager

Sections

CODE
Size: 796KB - Virtual size: 796KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.vmp
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

..
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 796KB - Virtual size: 796KB

DATA Size: 84KB - Virtual size: 84KB

BSS Size: 16KB - Virtual size: 16KB

.idata Size: 88KB - Virtual size: 88KB

.edata Size: 4KB - Virtual size: 4KB

.tls Size: 4KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 4KB

.vmp0 Size: 40KB - Virtual size: 40KB

.rsrc Size: 208KB - Virtual size: 208KB

.reloc Size: 40KB - Virtual size: 40KB

.vmp Size: 8KB - Virtual size: 8KB

.vmp Size: 16KB - Virtual size: 16KB

.vmp Size: 200KB - Virtual size: 200KB

.. Size: 23KB - Virtual size: 24KB

CODE
Size: 796KB - Virtual size: 796KB

DATA
Size: 84KB - Virtual size: 84KB

BSS
Size: 16KB - Virtual size: 16KB

.idata
Size: 88KB - Virtual size: 88KB

.edata
Size: 4KB - Virtual size: 4KB

.tls
Size: 4KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 4KB

.vmp0
Size: 40KB - Virtual size: 40KB

.rsrc
Size: 208KB - Virtual size: 208KB

.reloc
Size: 40KB - Virtual size: 40KB

.vmp
Size: 8KB - Virtual size: 8KB

.vmp
Size: 16KB - Virtual size: 16KB

.vmp
Size: 200KB - Virtual size: 200KB

..
Size: 23KB - Virtual size: 24KB