eaf04e17e1f084e932530f5036007246_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eaf04e17e1f084e932530f5036007246_JaffaCakes118
Size

346KB
MD5

eaf04e17e1f084e932530f5036007246
SHA1

10aba3bca1d7721c60a41c891b32ef5fbcf4a095
SHA256

305af386dfb59cc14ad255a7aac784abdb936232e5383a1a2f67c30cf3d0e67e
SHA512

9c2e5136eed48cf022a3710728d82f3dc57f8882080fde41422ec075c3cb395eba2335480fe828ad20ce3c40342b501ef7500685ff833ecd2c02223979767099
SSDEEP

6144:JDuXvecbrzYYwf80gTWx+Pcr07DoqWdtIz7YwumcNdG5lDMBrse:JDuXveccYwE2ucr075CSzS/dAaBrse

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eaf04e17e1f084e932530f5036007246_JaffaCakes118

Files

eaf04e17e1f084e932530f5036007246_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b818de1600166d16e837edba25d6dbfc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetModuleFileNameA
VirtualFree
GetCurrentThreadId
OpenMutexA
HeapAlloc
TlsFree
LoadLibraryA
IsValidCodePage
GetConsoleOutputCP
GetStdHandle
GetLastError
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetStringTypeA
SetConsoleCtrlHandler
GetTickCount
GetVersionExA
GetProcessHeap
SetEnvironmentVariableA
GetEnvironmentStrings
LCMapStringA
QueryPerformanceCounter
InterlockedIncrement
GetCurrentProcessId
ReadFile
GetCurrentThread
LeaveCriticalSection
GetSystemTimeAsFileTime
GetEnvironmentStringsW
LCMapStringW
GetStartupInfoA
RtlUnwind
VirtualQuery
MultiByteToWideChar
HeapSize
CreateFileA
WriteConsoleW
SetHandleCount
GetCPInfo
GetCommandLineA
DeleteCriticalSection
TlsSetValue
SetStdHandle
WriteFile
GetLocaleInfoA
Sleep
FlushFileBuffers
GetTimeZoneInformation
CompareStringW
GetDateFormatA
GetUserDefaultLCID
GetTimeFormatA
EnterCriticalSection
ExitProcess
GetProcAddress
CompareStringA
IsDebuggerPresent
TerminateProcess
HeapDestroy
HeapFree
WideCharToMultiByte
GetConsoleCP
FreeEnvironmentStringsA
WriteConsoleA
GetStringTypeW
GetLocaleInfoW
TlsGetValue
VirtualAlloc
GetOEMCP
EnumSystemLocalesA
GetConsoleMode
InterlockedExchange
GetFileType
FreeResource
InterlockedDecrement
CloseHandle
IsValidLocale
CreateMutexA
InitializeCriticalSection
GetModuleHandleA
SetUnhandledExceptionFilter
TlsAlloc
GetACP
HeapCreate
SetFilePointer
SetLastError
HeapReAlloc

comctl32

InitCommonControlsEx

user32

PostMessageW
RegisterClassExA
IsCharAlphaNumericW
RegisterClassA
SetMenuInfo
EndTask

Sections

.text
Size: 183KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b818de1600166d16e837edba25d6dbfc

Headers

File Characteristics

Imports

kernel32

comctl32

user32

Sections

.text Size: 183KB - Virtual size: 183KB

.rdata Size: 9KB - Virtual size: 37KB

.data Size: 148KB - Virtual size: 148KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 183KB - Virtual size: 183KB

.rdata
Size: 9KB - Virtual size: 37KB

.data
Size: 148KB - Virtual size: 148KB

.rsrc
Size: 4KB - Virtual size: 4KB