ea6c6f5dc0ebeb0a4aa4db68295226ed_JaffaCakes118

General

Target

ea6c6f5dc0ebeb0a4aa4db68295226ed_JaffaCakes118
Size

3.4MB
MD5

ea6c6f5dc0ebeb0a4aa4db68295226ed
SHA1

3d6b166abea6d20055f5545f1796b7ebaf1cba1d
SHA256

69b56262e9d600f9e3fe44ea93382829ac6c4641c7e6e11f9fde3e3e546b944e
SHA512

c89b9bd09ef1163d1bcb335cbfe92378d043fc8c224986ea8006d587b0387748813d2d1fe1f138f88cfc8e550b8088ee08d76090f07742d2da29fce5ca9337f1
SSDEEP

49152:WBqy+y6rV2BMwZ80291ROTIyGec5eKMnWUk/rckQjmKr2SNFlxe20P/cQb9VAE2D:IqsdB7ZmRCIMWvMpJx30PUs9kNg71a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea6c6f5dc0ebeb0a4aa4db68295226ed_JaffaCakes118

Files

ea6c6f5dc0ebeb0a4aa4db68295226ed_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e8131b5ae9d67e4587ce6971fd26eaf8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetCurrentProcessId
SetUnhandledExceptionFilter
GetModuleHandleW
GetProcAddress
TerminateProcess
UnhandledExceptionFilter
FreeLibrary
MultiByteToWideChar
LocalFree
DeleteCriticalSection
EnterCriticalSection
WaitForSingleObject
ExitProcess
GetStdHandle
GetCommandLineW
FindClose
GetACP
GetFileType
InitializeCriticalSection
FlushFileBuffers
CreateThread
GetCPInfo
TlsFree
SetFilePointer
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetOEMCP
GetEnvironmentStringsW
SetStdHandle
FreeEnvironmentStringsW
IsValidCodePage
LocalAlloc
GetCommandLineA
GetVersionExW
ReleaseMutex
CreateFileA
VirtualFree
lstrlenW
LoadLibraryA
GetModuleHandleExW
GetFullPathNameW
UnmapViewOfFile
ExpandEnvironmentStringsW
CreateProcessW

user32

ShowWindow
DestroyWindow
DefWindowProcW
MessageBoxW
PostQuitMessage
SetWindowLongW
GetMessageW
PostMessageW
SendMessageW
GetClientRect
SetWindowPos
EnableWindow
LoadCursorW
SetTimer
LoadIconW
SetFocus
SetForegroundWindow
GetSysColor
PeekMessageW
EndPaint
InvalidateRect
RegisterClassW
GetWindow
SystemParametersInfoW
GetKeyState
MessageBoxA
ClientToScreen

Sections

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 612KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8131b5ae9d67e4587ce6971fd26eaf8

Headers

File Characteristics

Imports

kernel32

user32

Sections

.idata Size: 2KB - Virtual size: 1KB

.text Size: 6KB - Virtual size: 6KB

.data Size: - Virtual size: 612KB

.rdata Size: 3.4MB - Virtual size: 3.4MB

.idata
Size: 2KB - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 6KB

.data
Size: - Virtual size: 612KB

.rdata
Size: 3.4MB - Virtual size: 3.4MB