eb5199dfe75871f260433af9b96bd165_JaffaCakes118

General

Target

eb5199dfe75871f260433af9b96bd165_JaffaCakes118
Size

24KB
MD5

eb5199dfe75871f260433af9b96bd165
SHA1

159525a00d50c71e5319629f63ff4c1c411daf11
SHA256

686a1bbbbc57a7856f9b5ff5176f6542fda25f39e07e188fcafac871d5e2294c
SHA512

ae39229706c487a7df3cbbde6d778147197d94ddd468df8beeb38061d0d9951089f0bfec53fac7ef761312e444e77faa2ec482e2d9daada08d9302bd8238b14d
SSDEEP

384:znN4V0ntdOIZIUSygvAKcH60esI75jABMv95JAx3W7EnhT0OuT5cES:6afV7SyPfellAC1PAxdhBuT5VS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb5199dfe75871f260433af9b96bd165_JaffaCakes118

Files

eb5199dfe75871f260433af9b96bd165_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4d8d0c224cd7f78d15a24f9536986b7e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

ExtSelectClipRgn
PlayEnhMetaFileRecord
GetEUDCTimeStamp
PlgBlt
GetWinMetaFileBits

user32

wvsprintfW
MsgWaitForMultipleObjects
CheckDlgButton
CliImmSetHotKey
GetMonitorInfoW
DlgDirListComboBoxW
EnumPropsExA
UpdateWindow

kernel32

EnumCalendarInfoA
OpenFileMappingA
SetLastError
SetMailslotInfo
GetModuleHandleA
EndUpdateResourceW
OpenWaitableTimerA
GetCommandLineA
GetConsoleCP
LocalCompact
InterlockedDecrement
InterlockedExchangeAdd
GetConsoleNlsMode
EnterCriticalSection
GetStartupInfoA

advapi32

LsaSetTrustedDomainInformation
BuildExplicitAccessWithNameA
EqualDomainSid
ControlService
SetNamedSecurityInfoExW
ChangeServiceConfig2A
SystemFunction022
CreateWellKnownSid
LsaQueryDomainInformationPolicy

ole32

CoGetPSClsid
CoSetCancelObject
OleRegEnumVerbs
StringFromCLSID
CLIPFORMAT_UserMarshal
CoGetState

msvcrt

_execlpe
is_wctype
strtok
__p__acmdln
_ftime
wcstod
__threadhandle
_mkdir
_getdiskfree
_findnexti64

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d8d0c224cd7f78d15a24f9536986b7e

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

user32

kernel32

advapi32

ole32

msvcrt

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 1008B

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 1008B