e9ae773a9dd205cbebbb8e8e8f69a080_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e9ae773a9dd205cbebbb8e8e8f69a080_JaffaCakes118
Size

421KB
MD5

e9ae773a9dd205cbebbb8e8e8f69a080
SHA1

044d90874880a7cbc1b59976f23a3e0d09950e9a
SHA256

11d2afefb8466c24b550fb579e77069f76e815b1c6ab352e7edba478ad48901f
SHA512

5bb7c1661270205e5cfe58fdc642311635768a2ad194903a0dc512ceb1d0c86053720f6ea1cd5849234be39933a93056579f1563749fc3d97135f05583a343af
SSDEEP

12288:AY/Ep9JBRc89goHH+5lr2EFfDD62WiNkv:LGzRc8OX5lr2m62WCkv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9ae773a9dd205cbebbb8e8e8f69a080_JaffaCakes118

Files

e9ae773a9dd205cbebbb8e8e8f69a080_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cec98b22fac91de1b0da68e04e184cbb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
DeleteCriticalSection
IsValidLocale
GetConsoleTitleA
RtlUnwind
GetStringTypeW
GlobalSize
GetCurrentProcess
GetOEMCP
VirtualAlloc
LeaveCriticalSection
IsBadWritePtr
HeapReAlloc
GetLastError
FileTimeToDosDateTime
GetFileType
GetACP
LCMapStringW
GetModuleFileNameA
GetCommandLineA
GetStringTypeA
ExitProcess
GetDateFormatA
GetStdHandle
GetTimeZoneInformation
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetStartupInfoA
FreeEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
VirtualProtect
TlsAlloc
CreateProcessA
SetHandleCount
UnhandledExceptionFilter
FreeEnvironmentStringsA
HeapAlloc
GetLocaleInfoW
HeapFree
ReleaseSemaphore
MultiByteToWideChar
GetCurrentProcessId
SetLastError
GetSystemInfo
GetStartupInfoW
TlsGetValue
GetVersionExA
EnumSystemLocalesA
GetEnvironmentStrings
GetTimeFormatA
GetCPInfo
InitializeCriticalSection
TlsFree
AddAtomW
CompareStringA
GetModuleHandleA
WideCharToMultiByte
GetCurrentThread
GetConsoleScreenBufferInfo
ReadConsoleOutputCharacterW
SetEnvironmentVariableA
GetProcessAffinityMask
WriteConsoleInputW
EnterCriticalSection
GetUserDefaultLCID
GetProcAddress
GetEnvironmentStringsW
GetLocaleInfoA
CompareStringW
IsValidCodePage
InterlockedExchange
HeapDestroy
WriteFile
GetModuleFileNameW
VirtualQuery
VirtualFree
TlsSetValue
OpenSemaphoreW
LCMapStringA
GetCurrentThreadId
HeapSize
GetFileAttributesA
TerminateProcess

shell32

SHQueryRecycleBinW
SHUpdateRecycleBinIcon
SHGetSpecialFolderPathA
ExtractIconExA
ShellHookProc
ShellExecuteA
SHGetMalloc
SHGetPathFromIDListW
SheChangeDirA
FindExecutableW
RealShellExecuteA
SHGetSpecialFolderLocation
SHGetDataFromIDListA
SHLoadInProc
InternalExtractIconListW
DragQueryFileW
SHAppBarMessage

user32

GetTitleBarInfo
DdeFreeDataHandle
InSendMessageEx
WindowFromDC
EnableMenuItem
GetOpenClipboardWindow
GetClipboardSequenceNumber
PtInRect
OpenDesktopW
UnionRect
SetClipboardViewer
OpenClipboard
SetMenuItemInfoW
SetCursor

Sections

.text
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 273KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cec98b22fac91de1b0da68e04e184cbb

Headers

File Characteristics

Imports

kernel32

shell32

user32

Sections

.text Size: 135KB - Virtual size: 134KB

.data Size: 273KB - Virtual size: 298KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 135KB - Virtual size: 134KB

.data
Size: 273KB - Virtual size: 298KB

.rsrc
Size: 12KB - Virtual size: 12KB