eb1ccef8f84103b02d0d2ea19730986e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eb1ccef8f84103b02d0d2ea19730986e_JaffaCakes118
Size

395KB
MD5

eb1ccef8f84103b02d0d2ea19730986e
SHA1

0c289f28d0ab0a7bf3d1f6bba4a5667aa83fb6bd
SHA256

32eb2f68eff9c1bd62a7bea1096a9dbf05c06e23cde7147588d0a2aac0c8989f
SHA512

49ac520ea36410c1d77832950411a90169de85628f4673059d8ff1df6532b977e28523c35087088a1296ec9c6af9e034da62f2bd6f211e1a93d294541a540e6b
SSDEEP

6144:QfJIN4IKaLZDwZbe6UR0/Jg6huKvjITw1KgUYUkijuYCC:QfJINNKaLZE/UR0/JgW36dYS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb1ccef8f84103b02d0d2ea19730986e_JaffaCakes118

Files

eb1ccef8f84103b02d0d2ea19730986e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

da26fbed68db914e9dae4d5843e90ba3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadAcceleratorsW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
LoadCursorW
LoadIconW
RegisterClassExW
BeginPaint
EndPaint
PostQuitMessage
DefWindowProcW
DialogBoxParamW
DestroyWindow
EndDialog
LoadBitmapW
SendMessageW
CreateWindowExW
UpdateWindow
ShowWindow
MessageBoxW
GetScrollPos
RegisterClassW
GetDlgItemInt
LockWindowUpdate
SetMenuItemInfoW
OpenClipboard
GetClassNameW
SetDlgItemTextW
MapWindowPoints
ModifyMenuW
SetMenu
SetWindowTextW
PtInRect
GetCursorPos
EndDeferWindowPos
GetDesktopWindow
EnableMenuItem
PostMessageW
SetWindowLongW
SetScrollRange
ShowCaret
GetActiveWindow
FrameRect
GetDlgItemTextW
RedrawWindow
GetDlgCtrlID
GetFocus
GetScrollRange

kernel32

GetConsoleCP
FlushFileBuffers
LCMapStringEx
HeapSize
GetStringTypeW
HeapReAlloc
RtlUnwind
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
IsDebuggerPresent
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
LeaveCriticalSection
EnterCriticalSection
GetConsoleMode
TerminateProcess
GetCurrentProcess
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount64
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetModuleFileNameA
lstrcmpW
GetStartupInfoA
MapViewOfFile
lstrlenW
GetLastError
GetModuleHandleW
HeapFree
GetCurrentDirectoryW
HeapAlloc
Sleep
GetSystemInfo
GetProcessHeap
GetVersionExW
SetStdHandle
SetFilePointerEx
CloseHandle
WriteConsoleW
IsProcessorFeaturePresent
CreateFileW
InitOnceExecuteOnce
DeleteCriticalSection
GetCommandLineA
SetLastError
InterlockedIncrement
InterlockedDecrement
GetCurrentThreadId
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
GetStdHandle
WriteFile
GetModuleFileNameW
GetFileType
InitializeCriticalSectionAndSpinCount
GetStartupInfoW

gdi32

CreateCompatibleBitmap
DeleteDC
CreateCompatibleDC

comctl32

ord17

shell32

ExtractIconW

Sections

.text
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da26fbed68db914e9dae4d5843e90ba3

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

gdi32

comctl32

shell32

Sections

.text Size: 158KB - Virtual size: 158KB

.rdata Size: 59KB - Virtual size: 58KB

.data Size: 25KB - Virtual size: 33KB

.rsrc Size: 152KB - Virtual size: 151KB

.text
Size: 158KB - Virtual size: 158KB

.rdata
Size: 59KB - Virtual size: 58KB

.data
Size: 25KB - Virtual size: 33KB

.rsrc
Size: 152KB - Virtual size: 151KB