JaffaCakes118_c84ee643ea21e05f8ed6341708383c36

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_c84ee643ea21e05f8ed6341708383c36
Size

246KB
MD5

c84ee643ea21e05f8ed6341708383c36
SHA1

740c3e26cd2167bdade98e331ad2fdf4778bbce9
SHA256

48da3d227faa127d12f27e440aa1a249afd93a1a46379ce33da6478b8377e33e
SHA512

cef52d4bdf1ebd6a7d3b91a966a863509e004eec2bf4d9b1b7d81a3776ec400e3bb243c1d8b38105aa3add4ce2be314b12811370109833fd5760dd94b8d1563f
SSDEEP

6144:hPN6fomEP1dQSVXDbOOvLd60vw+/XYB0lb:hPwfomEtKSVzDvBZvb/5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_c84ee643ea21e05f8ed6341708383c36

Files

JaffaCakes118_c84ee643ea21e05f8ed6341708383c36
.exe windows:4 windows x86 arch:x86

cb20890f280f79482389f27d57ed751b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
HeapFree
GetModuleHandleW
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsSetValue
SetLastError
GetCurrentThreadId
WideCharToMultiByte
RtlUnwind
HeapAlloc
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringW
SetFilePointer
IsProcessorFeaturePresent
CloseHandle
WriteConsoleW
SetStdHandle
CreateFileW
BeginUpdateResourceW
GetProcAddress

riched20

CreateTextServices

dsdmo

DllUnregisterServer

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.wn
Size: 512B - Virtual size: 313B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vZLqt
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.euXasO
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.k
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eQNXTi
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 214KB - Virtual size: 342KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aF
Size: 512B - Virtual size: 225B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb20890f280f79482389f27d57ed751b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

riched20

dsdmo

Sections

.text Size: 18KB - Virtual size: 17KB

.wn Size: 512B - Virtual size: 313B

.vZLqt Size: 2KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 1KB

.euXasO Size: 2KB - Virtual size: 2KB

.k Size: 1024B - Virtual size: 1KB

.eQNXTi Size: 1024B - Virtual size: 1KB

.data Size: 214KB - Virtual size: 342KB

.aF Size: 512B - Virtual size: 225B

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 18KB - Virtual size: 17KB

.wn
Size: 512B - Virtual size: 313B

.vZLqt
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.euXasO
Size: 2KB - Virtual size: 2KB

.k
Size: 1024B - Virtual size: 1KB

.eQNXTi
Size: 1024B - Virtual size: 1KB

.data
Size: 214KB - Virtual size: 342KB

.aF
Size: 512B - Virtual size: 225B

.rsrc
Size: 4KB - Virtual size: 4KB