eb38cd7c585206f667bdb82daa8aa1bf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eb38cd7c585206f667bdb82daa8aa1bf_JaffaCakes118
Size

39KB
MD5

eb38cd7c585206f667bdb82daa8aa1bf
SHA1

92db5042bc3480f784facf1fe99047a32ad4f6f5
SHA256

cfead7c7825efe22480881117653c6deba22271ba9710c05cc7988ce9defe08a
SHA512

7e6097208f645930ce11b5d674f48ba72f7d0b38e02385c0d2894b3f8ff049d8f753e2b404b31f1cfb3dd20bfd04dbd74480f562e537933a7288bad407f5ce11
SSDEEP

768:qfe+gOL7pyLbxTiMkB/X6tky8FFiI16HQ:qfRxcNTiMkBPBFt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb38cd7c585206f667bdb82daa8aa1bf_JaffaCakes118

Files

eb38cd7c585206f667bdb82daa8aa1bf_JaffaCakes118
.exe windows:5 windows x86 arch:x86

27d969a372addb16daf764ecab5c7e1d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GetSystemTimeAsFileTime
CreateEventW
GetProcessHeap
CreateThread
EnterCriticalSection
GetProcAddress
HeapAlloc
DisableThreadLibraryCalls
GetProcessHeap
InitializeCriticalSection
GetTickCount
LeaveCriticalSection
GetTickCount
VirtualProtect
QueryPerformanceCounter
GetModuleHandleA
VirtualProtect
InterlockedIncrement
QueryPerformanceCounter
FreeLibrary
Sleep
VirtualProtect
InterlockedDecrement
FreeLibrary
UnhandledExceptionFilter
LoadLibraryA
InterlockedDecrement
VirtualProtect
DisableThreadLibraryCalls
Sleep
DisableThreadLibraryCalls
InterlockedDecrement
GetVersionExA
LocalAlloc
SetLastError
CreateFileW
CreateThread
GetModuleFileNameW
ReadFile
GetProcessHeap
GetModuleFileNameW
HeapFree
LoadLibraryA
DisableThreadLibraryCalls
InterlockedDecrement
GetProcAddress
CloseHandle
ReadFile
GetModuleFileNameA
LeaveCriticalSection
MultiByteToWideChar
GetModuleHandleW
GetCurrentProcess
VirtualAlloc
HeapAlloc
CreateFileW
DisableThreadLibraryCalls
SetLastError
Sleep
MultiByteToWideChar
VirtualProtect
FreeLibrary
Sleep
lstrcmpiW
CloseHandle
VirtualProtect
InitializeCriticalSection
GetModuleFileNameW

user32

GetSysColor
SetWindowLongW
IsDlgButtonChecked
SetFocus
SetCursor
SetWindowTextW
TranslateMessage
DispatchMessageW
MessageBoxW
KillTimer
BeginPaint
PeekMessageW
SendDlgItemMessageW
DestroyWindow
EnableWindow
DestroyWindow
TranslateMessage
SendMessageW
ShowWindow
SetWindowLongW
CreateWindowExW
GetSysColor
PostQuitMessage
BeginPaint
DialogBoxParamW
GetSystemMetrics
SetDlgItemTextW
InvalidateRect
GetClientRect
DispatchMessageW
DialogBoxParamW
DestroyWindow
PostQuitMessage
PeekMessageW
ReleaseDC
IsDlgButtonChecked
IsDlgButtonChecked
CharNextW
GetDlgItem
EndPaint
DestroyWindow
EndDialog
KillTimer
GetDC
DialogBoxParamW
GetParent
DialogBoxParamW
DialogBoxParamW
SetWindowLongW
GetWindowRect
EndDialog
BeginPaint
KillTimer
GetWindowLongW
PeekMessageW
BeginPaint
GetClientRect
GetClientRect
SetCursor
SetCursor
InvalidateRect
GetWindowRect
GetSysColor
SetWindowTextW
SendMessageW
EndDialog
PeekMessageW
LoadCursorW
SetCursor

Sections

.text
Size: 32KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27d969a372addb16daf764ecab5c7e1d

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 32KB - Virtual size: 48KB

.rdata Size: 4KB - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 48KB

.rdata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 4KB