Static task: static1
Behavioral task: behavioral1
Sample: eb45cabbccc575a178afa675b49c392d_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: eb45cabbccc575a178afa675b49c392d_JaffaCakes118.exe
Resource: win10v2004-20231215-en
General
Target: eb45cabbccc575a178afa675b49c392d_JaffaCakes118
Size: 340KB
MD5: eb45cabbccc575a178afa675b49c392d
SHA1: 503ec0876207855571d1c08c80cf6f1e2101386f
SHA256: e8d146036b158ece93c262e4981378619481efbe4cadf499164c673d981c7bb5
SHA512: 3ccc1ae9628afe45da8edece23b5402cfbf664b1c1828cfd2a2f6dbaaf563f6fb5252ad9408496c2e38820bb3c5e606fc804a4ed5df04ffa9639e39215c0944c
SSDEEP: 192:xKcY3hAY3h+sWCuBO1eJ5o8+vAURqNmeB++u+Td1HFV1/WbYEg6:xc3l3oXlO1eJ5koUcNmeB+251HlWXg6
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource eb45cabbccc575a178afa675b49c392d_JaffaCakes118
Files
eb45cabbccc575a178afa675b49c392d_JaffaCakes118.exe windows:0 windows x86 arch:x86
63e5de136e4141a552cb0a983a0dacf5
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ActivateActCtx
AddAtomA
AddAtomW
BackupWrite
BaseFlushAppcompatCache
BaseInitAppcompatCache
BaseQueryModuleData
BindIoCompletionCallback
BuildCommDCBAndTimeoutsW
ContinueDebugEvent
ConvertFiberToThread
CopyFileW
CreateActCtxA
CreateDirectoryExA
CreateDirectoryExW
CreateFileA
CreateHardLinkW
CreateIoCompletionPort
CreateNlsSecurityDescriptor
CreateProcessInternalWSecure
CreateTapePartition
CreateThread
CreateTimerQueueTimer
CreateToolhelp32Snapshot
DebugActiveProcess
DebugBreak
DecodePointer
DnsHostnameToComputerNameA
DosDateTimeToFileTime
EncodeSystemPointer
EnumTimeFormatsW
EscapeCommFunction
ExitThread
ExpandEnvironmentStringsA
FatalAppExitA
FatalExit
FillConsoleOutputCharacterA
FoldStringW
FormatMessageW
FreeConsole
FreeLibraryAndExitThread
GetBinaryTypeA
GetCPFileNameFromRegistry
GetCPInfo
GetCommState
GetCommTimeouts
GetConsoleAliasW
GetConsoleAliasesA
GetConsoleAliasesLengthA
GetConsoleInputWaitHandle
GetConsoleKeyboardLayoutNameW
GetConsoleWindow
GetCurrentDirectoryW
GetCurrentProcessId
GetDefaultCommConfigA
GetDefaultCommConfigW
GetDriveTypeW
GetEnvironmentVariableA
GetHandleContext
GetHandleInformation
GetModuleFileNameA
GetModuleHandleA
GetNamedPipeHandleStateW
GetNextVDMCommand
GetPrivateProfileStructW
GetProcAddress
GetProcessIoCounters
GetProcessShutdownParameters
GetProfileIntW
GetProfileStringW
GetQueuedCompletionStatus
GetSystemDefaultLCID
GetSystemDefaultUILanguage
GetSystemRegistryQuota
GetSystemTimes
GetSystemWow64DirectoryW
GetThreadContext
GetThreadTimes
GetVolumePathNameW
GetVolumePathNamesForVolumeNameW
GlobalMemoryStatusEx
Heap32First
HeapExtend
HeapLock
HeapQueryTagW
HeapSummary
InitializeCriticalSectionAndSpinCount
InterlockedExchange
InterlockedFlushSList
InterlockedIncrement
LZOpenFileA
LoadLibraryA
LoadLibraryW
LoadModule
LoadResource
LocalAlloc
LocalLock
LockFile
MoveFileExW
MoveFileWithProgressW
NlsGetCacheUpdateCount
NlsResetProcessLocale
OpenSemaphoreW
OpenWaitableTimerA
PostQueuedCompletionStatus
QueryPerformanceCounter
QueryPerformanceFrequency
QueryWin31IniFilesMappedToRegistry
ReadConsoleOutputA
ReadFile
RegisterConsoleOS2
RemoveLocalAlternateComputerNameA
RtlFillMemory
SetCalendarInfoA
SetComPlusPackageInstallStatus
SetCommMask
SetComputerNameW
SetConsoleMenuClose
SetConsoleOutputCP
SetConsolePalette
SetConsoleTitleA
SetConsoleWindowInfo
SetProcessAffinityMask
SetProcessPriorityBoost
SetSystemTime
SetThreadExecutionState
SetUnhandledExceptionFilter
SetVDMCurrentDirectories
SignalObjectAndWait
TzSpecificLocalTimeToSystemTime
ValidateLocale
VirtualFree
WaitForSingleObject
WaitNamedPipeW
WideCharToMultiByte
WriteFileEx
WriteProfileStringA
_lopen
lstrcpy
Sections
.text Size: 132KB - Virtual size: 131KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ