e8bfe7a0cc56a575fb70e545862411ff_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e8bfe7a0cc56a575fb70e545862411ff_JaffaCakes118
Size

164KB
MD5

e8bfe7a0cc56a575fb70e545862411ff
SHA1

01d8511e3cc229ba132d1e0d40e724240c942d2d
SHA256

19edb6384f69ebfe512f9229170b57835cd3170d8c688b062cef81775fc0da52
SHA512

6c37cb8d8fb031435ee373a9499df50b68abba2c86daae29c5b008c3af9d46b3f42767b4e0cb5aa225b7a35b4e136c809ad42438bdc6cab15971036220bf7e58
SSDEEP

3072:zT/wlwK08JTbZIwlEq1DmktvZHRJTgs2iYpRFVREiI4kbrwf5:zLdKFSs1DntlbTzI/FrEj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e8bfe7a0cc56a575fb70e545862411ff_JaffaCakes118

Files

e8bfe7a0cc56a575fb70e545862411ff_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ee86c4f4c29b96ac6b3d0a50ea3f441d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

rpcrt4

RpcStringFreeA
RpcBindingFromStringBindingA
RpcStringBindingComposeA
NdrClientCall
RpcBindingSetAuthInfoA

shell32

SHGetPathFromIDListW
SHGetMalloc
SHChangeNotify
SHGetFolderPathW
SHFileOperationW
SHGetDesktopFolder
ShellExecuteExW
SHGetSpecialFolderLocation

shlwapi

SHDeleteEmptyKeyW
ord195
StrRetToBufW
SHDeleteKeyW
PathRemoveBackslashW

kernel32

GetVersionExW
HeapSize
HeapReAlloc
HeapFree
GetModuleHandleA
HeapAlloc
HeapDestroy
GetThreadLocale
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GlobalFree
WaitForMultipleObjects
CreateEventA
GetCurrentProcess
GetVolumeInformationA
GetDriveTypeW
VirtualAlloc
VirtualFree
CreateFileW
ReadFile
WriteFile
GetCurrentProcessId
GetModuleFileNameW
GetSystemTime
GetStdHandle

user32

GetNextDlgTabItem
IsWindowEnabled
GetDlgItem
SetActiveWindow
GetActiveWindow
GetDesktopWindow
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuW
GetCursorPos
PeekMessageW
GetKeyState
IsWindowVisible
SetMenu
MessageBeep
GetWindowLongA
SendMessageA
GetDlgItem
MessageBoxW
GetFocus
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect

gdiplus

GdiplusShutdown
GdiplusStartup

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegEnumValueA
RegDeleteValueA
RegCloseKey

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee86c4f4c29b96ac6b3d0a50ea3f441d

Headers

File Characteristics

Imports

rpcrt4

shell32

shlwapi

kernel32

user32

gdiplus

advapi32

Sections

.text Size: 152KB - Virtual size: 152KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 7KB - Virtual size: 7KB

.reloc Size: 512B - Virtual size: 272B

.text
Size: 152KB - Virtual size: 152KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 7KB - Virtual size: 7KB

.reloc
Size: 512B - Virtual size: 272B