e7af46caddf748f30ae1b6df7bbb3851_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e7af46caddf748f30ae1b6df7bbb3851_JaffaCakes118
Size

527KB
MD5

e7af46caddf748f30ae1b6df7bbb3851
SHA1

ceaae339282de2a5b4bc0090c75b048f60d42c66
SHA256

b019965fcc3c888ec460ad8735ee5b7b65139e37756fcdc151399f03167338e8
SHA512

7dc0fed987888dd1eaed82aa3534505f84591a32b2ac9dce0a90a1ce0beeb7c9fb641532c53f6e9074fb5e1983d2d299f22583b170bd49c3ea60a8a09c4416ea
SSDEEP

12288:Wg65wOqAGM3/miZp/mRvRnziXxP2K9/2gackIz0e0pxuh:lYqAGo3/mRvVihd22zux

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e7af46caddf748f30ae1b6df7bbb3851_JaffaCakes118

Files

e7af46caddf748f30ae1b6df7bbb3851_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a25481b73d8706b6679b22aa739cf1e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA

kernel32

SetLastError
MultiByteToWideChar
GetDateFormatA
LoadLibraryA
QueryPerformanceCounter
GetACP
IsValidLocale
GetCurrentProcess
EnumSystemCodePagesW
OpenMutexA
GetStartupInfoA
FlushFileBuffers
EnumSystemLocalesA
GetTimeZoneInformation
IsBadWritePtr
TerminateProcess
GetLastError
FreeLibraryAndExitThread
DosDateTimeToFileTime
FreeEnvironmentStringsA
GetCommandLineW
HeapDestroy
HeapReAlloc
UnhandledExceptionFilter
SetStdHandle
CreateDirectoryA
GetStringTypeW
SetFilePointer
ReadFile
HeapSize
LCMapStringW
SetEnvironmentVariableA
HeapFree
CreateMutexA
HeapAlloc
InterlockedExchange
CompareStringW
FreeEnvironmentStringsW
GetCurrentThread
GetEnvironmentStrings
InitializeCriticalSection
TlsSetValue
GetStartupInfoW
GetModuleFileNameA
ExitProcess
GetLocaleInfoW
GlobalFindAtomW
VirtualFree
GetLocaleInfoA
LeaveCriticalSection
DeleteCriticalSection
CompareStringA
SystemTimeToFileTime
GetModuleHandleA
TlsAlloc
VirtualQuery
VirtualAlloc
GetTickCount
GetUserDefaultLCID
EnterCriticalSection
TlsGetValue
GetCPInfo
GetVersionExA
WideCharToMultiByte
GetSystemTimeAsFileTime
GetModuleFileNameW
LCMapStringA
CreateMutexW
GetStringTypeA
VirtualProtect
GetCommandLineA
WriteFile
GetSystemInfo
SetHandleCount
GetCurrentThreadId
IsValidCodePage
CloseHandle
TlsFree
GetEnvironmentStringsW
LoadResource
RtlUnwind
GetProcAddress
GetStdHandle
GetTimeFormatA
GetCurrentProcessId
GetOEMCP
HeapCreate
GetFileSize
GetFileType
AddAtomA
SetThreadAffinityMask

wininet

DetectAutoProxyUrl
IsUrlCacheEntryExpiredA

comctl32

InitCommonControlsEx

user32

DrawEdge
SetCaretBlinkTime
IsIconic
PostMessageW
SetWindowTextW
RegisterClassExA
ShowOwnedPopups
CreateMDIWindowW
SendNotifyMessageW
ExcludeUpdateRgn
RegisterClassA
GetTabbedTextExtentW
EndMenu
WaitMessage
EndDeferWindowPos
GetWindowTextLengthA

gdi32

GetTextMetricsW

Sections

.text
Size: 203KB - Virtual size: 203KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a25481b73d8706b6679b22aa739cf1e6

Headers

File Characteristics

Imports

shell32

kernel32

wininet

comctl32

user32

gdi32

Sections

.text Size: 203KB - Virtual size: 203KB

.rdata Size: 8KB - Virtual size: 33KB

.data Size: 313KB - Virtual size: 312KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 203KB - Virtual size: 203KB

.rdata
Size: 8KB - Virtual size: 33KB

.data
Size: 313KB - Virtual size: 312KB

.rsrc
Size: 1KB - Virtual size: 1KB