e7eec734acdd0bac2f18fb0c5403f54d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e7eec734acdd0bac2f18fb0c5403f54d_JaffaCakes118
Size

521KB
MD5

e7eec734acdd0bac2f18fb0c5403f54d
SHA1

73d9fb9e9e6459ca0bf566c7fb1ef411c5aa2e3e
SHA256

e9f97882bfe6d63bc4f22a4970595a28a8af58f5e7c113cceab58e0c1ab06f04
SHA512

648ad30a46ae12cc9fb4c06814ed3d3af94e4127e29cb49d9d72579d52f56a70a7d7282002677035d30752b54670efbd929d74549d047f20fc10af54219025d0
SSDEEP

12288:NB17JVfsKei6z6suANsj0ekG+d5NdxO0Ub5tJNIfH8wHG:NB1Yi6z6s3sj0ekGaN7O0mPmHzm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e7eec734acdd0bac2f18fb0c5403f54d_JaffaCakes118

Files

e7eec734acdd0bac2f18fb0c5403f54d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

32ba9389130be01649e9ce519cb0b5b8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

LockWindowUpdate
LoadCursorFromFileW
RegisterClipboardFormatA
CreateIconIndirect
RegisterClassA
GetAncestor
wvsprintfW
SetScrollInfo
RegisterHotKey
GetCursorPos
ReleaseCapture
SetWindowsHookExA
ModifyMenuW
OemKeyScan
RegisterClassExA
RegisterClipboardFormatW
CloseDesktop
SetRectEmpty
IsWindow
ScrollWindow
CallWindowProcA
ShowCaret
GetClassInfoExA

kernel32

IsDebuggerPresent
CompareStringA
SetConsoleCtrlHandler
FreeLibrary
VirtualAlloc
GetCurrentProcess
OpenMutexA
GetLocaleInfoW
TlsAlloc
GetStringTypeA
HeapReAlloc
FindFirstFileExA
WriteConsoleA
EnumSystemLocalesA
IsBadReadPtr
SetUnhandledExceptionFilter
TerminateProcess
LCMapStringA
HeapDestroy
GetDateFormatA
GetFileType
IsValidLocale
HeapCreate
ReadFile
DeleteCriticalSection
GetProcAddress
GetTimeFormatA
RtlUnwind
SetHandleCount
lstrcat
LoadLibraryA
TlsSetValue
GetConsoleCP
GetPrivateProfileIntA
TlsGetValue
CloseHandle
SetConsoleMode
GetCurrentThreadId
FreeEnvironmentStringsA
CreateFileA
ExitProcess
EnterCriticalSection
GetStdHandle
GetEnvironmentStringsW
GetCPInfo
VirtualQuery
HeapSize
QueryPerformanceCounter
GetConsoleOutputCP
SetFilePointer
FlushFileBuffers
GetSystemTimeAsFileTime
IsValidCodePage
GetModuleHandleA
UnhandledExceptionFilter
LCMapStringW
GetCurrentProcessId
GetVersionExA
GetTickCount
GetEnvironmentStrings
LoadLibraryExW
WriteConsoleW
WideCharToMultiByte
LeaveCriticalSection
GetStringTypeW
GetProcessHeap
GetUserDefaultLCID
HeapFree
InitializeCriticalSection
TlsFree
SetStdHandle
InterlockedIncrement
InterlockedDecrement
GetACP
SetEnvironmentVariableA
GetTimeZoneInformation
GetLastError
GetCurrentThread
FreeEnvironmentStringsW
GetStartupInfoA
SetLastError
GetConsoleMode
HeapAlloc
CreateMutexA
GetCommandLineA
MultiByteToWideChar
GetLocaleInfoA
VirtualFree
GetModuleFileNameA
Sleep
GetOEMCP
SetPriorityClass
WritePrivateProfileStringA
GetCompressedFileSizeA
InterlockedExchange
WriteFile
CompareStringW

Sections

.text
Size: 187KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 316KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

32ba9389130be01649e9ce519cb0b5b8

Headers

File Characteristics

Imports

comctl32

user32

kernel32

Sections

.text Size: 187KB - Virtual size: 186KB

.rdata Size: 9KB - Virtual size: 40KB

.data Size: 316KB - Virtual size: 316KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 187KB - Virtual size: 186KB

.rdata
Size: 9KB - Virtual size: 40KB

.data
Size: 316KB - Virtual size: 316KB

.rsrc
Size: 7KB - Virtual size: 6KB