d74daee515bd5a77f299151a568cb57a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d74daee515bd5a77f299151a568cb57a_JaffaCakes118
Size

428KB
MD5

d74daee515bd5a77f299151a568cb57a
SHA1

68555ccb11104b0bb9243ba3f5f464de8bb701e6
SHA256

1d8ce53b219771b49d743424498747af3f4201f194dd1020247bb4a492156fb0
SHA512

62dc4d6d0d2831bf55247e6c87cd6b6a5c2798dd1aaea072140146598b9f07921b5f53af2a4c93d5430e54002456a1abc57a00acb2f57339ed827a790febb646
SSDEEP

12288:oYV6HO69joWO8UD8KHCeAJlkMAUhX+cblCJxfS6:oYh8UD8cCEtUhXvOR1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d74daee515bd5a77f299151a568cb57a_JaffaCakes118

Files

d74daee515bd5a77f299151a568cb57a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8402d4cc115afc02533c35603f0dc5c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleFileNameA
DeleteTimerQueue
GetFirmwareEnvironmentVariableA
SetFirmwareEnvironmentVariableA
GlobalMemoryStatusEx
GetTapeStatus
CreateThread
HeapWalk
SetFilePointerEx

ntdsapi

DsFreeSpnArrayA

imm32

ImmDestroyContext

oleaut32

VarCyFromI1

pdh

PdhGetCounterInfoW

clusapi

OpenCluster

user32

wsprintfW

msvcrt

memcpy
wcstoul
isalnum

setupapi

SetupBackupErrorA

urlmon

CoInternetCombineUrl

comdlg32

ChooseColorA
PageSetupDlgW

ole32

HMENU_UserUnmarshal

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ordo
Size: 4KB - Virtual size: 748B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.t
Size: 4KB - Virtual size: 46B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 367KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mrt1
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8402d4cc115afc02533c35603f0dc5c9

Headers

File Characteristics

Imports

kernel32

ntdsapi

imm32

oleaut32

pdh

clusapi

user32

msvcrt

setupapi

urlmon

comdlg32

ole32

Sections

.text Size: 16KB - Virtual size: 12KB

ordo Size: 4KB - Virtual size: 748B

.t Size: 4KB - Virtual size: 46B

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 100KB - Virtual size: 367KB

.mrt1 Size: 100KB - Virtual size: 97KB

CODE Size: 100KB - Virtual size: 97KB

.rsrc Size: 96KB - Virtual size: 94KB

.text
Size: 16KB - Virtual size: 12KB

ordo
Size: 4KB - Virtual size: 748B

.t
Size: 4KB - Virtual size: 46B

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 100KB - Virtual size: 367KB

.mrt1
Size: 100KB - Virtual size: 97KB

CODE
Size: 100KB - Virtual size: 97KB

.rsrc
Size: 96KB - Virtual size: 94KB