eb7b0cdb91b14d71c418e39b2192cb41_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

eb7b0cdb91b14d71c418e39b2192cb41_JaffaCakes118
Size

72KB
MD5

eb7b0cdb91b14d71c418e39b2192cb41
SHA1

9f260fd31e247f3d14734d91c3bb2f83289f2834
SHA256

9a53f8152a3be6463536895288e3bff7ad4957c4da6a350cde05fb4b7aa0faa3
SHA512

af978b36b52c9863d9e827be65dbfd427a44566854a0df0e35085cec401a21b4ab0b0a3bf753b8d403a833604ffba87a3d4cd73d6d9423e2e6a1294280f0df30
SSDEEP

1536:yL+QWbx2THbT92+zUqtvzrh7o84hteTl:yL+Qi6dzgqtvzrh7o3h0T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb7b0cdb91b14d71c418e39b2192cb41_JaffaCakes118

Files

eb7b0cdb91b14d71c418e39b2192cb41_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3055f970dc5ca4a0de9294f493607cbd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
LoadLibraryA
GetVersionExA
WritePrivateProfileStringA
OpenProcess
MulDiv
lstrcpyA
GlobalUnlock
GlobalLock
GlobalAlloc
MultiByteToWideChar
lstrlenA
InterlockedDecrement
InterlockedIncrement
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
GetModuleHandleA
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
HeapSize
HeapReAlloc
WriteFile
VirtualFree
ReadProcessMemory
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
LCMapStringW
LCMapStringA
HeapAlloc
GetProcAddress
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
VirtualAlloc
WaitForSingleObject
HeapFree
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
SetEnvironmentVariableA
GetCurrentThreadId
RaiseException
GetVersion
GetCommandLineA
GetStartupInfoA
GetCurrentProcess
TerminateProcess
ExitProcess
GetLocalTime
GetSystemTime
VirtualFreeEx
GetExitCodeThread
HeapCreate
CloseHandle
GetLastError
WideCharToMultiByte
LocalFree
RtlUnwind
GetTimeZoneInformation

user32

RegisterWindowMessageA
SendMessageTimeoutA
MessageBoxA
GetWindowRect
SetWindowLongA
ReleaseCapture
EndDialog
IsDlgButtonChecked
GetDlgItem
GetWindowTextA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetSystemMenu
AppendMenuA
DeleteMenu
DialogBoxParamA
SendMessageA
LoadCursorA
CheckDlgButton
GetSystemMetrics
LoadIconA
SetWindowPos
GetDC
GetSysColor
ChildWindowFromPoint
SetCapture
SetCursor
GetCursorPos
WindowFromPoint
GetWindowThreadProcessId
GetClassNameA
ScreenToClient
GetParent
ChildWindowFromPointEx
GetWindow
PtInRect
GetWindowLongA
SetWindowTextA
FindWindowA
BringWindowToTop
ShowWindow

gdi32

CreateFontIndirectA
CreateSolidBrush
SetTextColor
SetBkColor
GetDeviceCaps

shell32

ShellExecuteA

ole32

CoInitialize
CoUninitialize
OleRun
CoCreateInstance

oleaut32

GetErrorInfo
SysAllocStringByteLen
SysAllocString
VariantInit
VariantClear
SysFreeString
SysStringLen

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3055f970dc5ca4a0de9294f493607cbd

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

oleaut32

advapi32

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 12KB - Virtual size: 14KB

.rsrc Size: 12KB - Virtual size: 47KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 12KB - Virtual size: 14KB

.rsrc
Size: 12KB - Virtual size: 47KB