eba943ee0e0e48b5e49d9ace3972bed8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eba943ee0e0e48b5e49d9ace3972bed8_JaffaCakes118
Size

319KB
MD5

eba943ee0e0e48b5e49d9ace3972bed8
SHA1

079146acfaf5aefe314c16d769e386873ee9d2a2
SHA256

47620fd34babe653aedec66446cb7b2f0dc219129c67de9c227e8f4cd4a2eb74
SHA512

14a0fd7044d0035498f01c36c50a83587885cd1749abe7ca327bb30cb347b99eeb6f0a6670b179688c41c0f90e6c266bfb9bf769af9be4374b12bca8787df800
SSDEEP

6144:L4FLg7A+7h7cAJjCDhXvhrVJ63vuRMyqvRzAzM5cA:kBgD4JrVJ63vWT6V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eba943ee0e0e48b5e49d9ace3972bed8_JaffaCakes118

Files

eba943ee0e0e48b5e49d9ace3972bed8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b0ddafa1437164c1d619a633f3734896

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegQueryValueExW
RegCreateKeyExA
RegQueryValueExA
RegCreateKeyExW
RegOpenKeyExA
RegDeleteKeyA

kernel32

CreateProcessA
GetEnvironmentStrings
GetModuleHandleW
GetACP
CloseHandle
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
InterlockedCompareExchange
GetCommandLineA
HeapSize
GetCPInfo
GetCommandLineW
LockResource
GetCurrentProcessId
SizeofResource
CreateProcessW
lstrlenW
GetEnvironmentStringsW
FindNextFileW
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
GetSystemInfo
LCMapStringW
GetLastError
InterlockedIncrement
GetCurrentThreadId
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GlobalLock
FindFirstFileW
CreateFileMappingA
CompareStringA
FindFirstFileA
WriteFile
GetProcessHeap
GetProcAddress
DeleteFileW
SetEvent
GetStartupInfoW
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
IsValidCodePage
QueryPerformanceCounter
GetOEMCP
GetVersionExW
SetHandleCount
EnterCriticalSection
GetLocaleInfoA
SetEndOfFile
GlobalAlloc
GetVersion
WriteConsoleA
TerminateProcess
GetSystemDirectoryA
SetUnhandledExceptionFilter
CreateThread
GetModuleHandleA
MultiByteToWideChar
InterlockedDecrement
UnhandledExceptionFilter
RaiseException
GetModuleFileNameA
FlushFileBuffers
ExitProcess
IsDebuggerPresent
GetModuleFileNameW
InitializeCriticalSection
SetLastError
FormatMessageA
TlsGetValue
FindClose
GetEnvironmentVariableA
LocalFree
FreeLibrary
SetFileAttributesA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
InterlockedExchange
GetStringTypeA
WideCharToMultiByte
SetStdHandle
FreeEnvironmentStringsW
SetErrorMode
LocalAlloc
GetConsoleMode
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapFree
HeapAlloc
FindNextFileA
HeapDestroy
WaitForSingleObject
GetFileAttributesA
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
GetCurrentThread
UnmapViewOfFile
FindResourceW
VirtualFree
Sleep
VirtualAlloc
GetTickCount

gdi32

BitBlt
DeleteObject
SetTextColor
CreateCompatibleDC
SelectObject

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

user32

CallWindowProcA
SendMessageA
InvalidateRect
EnableMenuItem
SystemParametersInfoA
GetSysColor
MessageBoxA
SetWindowTextA
GetDesktopWindow
LoadCursorA
ScreenToClient
GetDlgItem
EndDialog
SetCapture
GetWindowRect
GetSystemMetrics
BeginPaint
ReleaseDC
SetFocus
DispatchMessageA
CreateWindowExA
GetSubMenu
RegisterClassA
IsIconic
GetWindow
EnableWindow
ShowWindow
UpdateWindow
GetParent
GetMessageA
DestroyWindow
GetClientRect
TranslateMessage
UnregisterClassA
EndPaint
IsWindow
SetWindowPos
SetCursor
PeekMessageA

ole32

OleInitialize
OleUninitialize

msvcrt

exit
_exit
_cexit
_controlfp

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 293KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0ddafa1437164c1d619a633f3734896

Headers

File Characteristics

Imports

advapi32

kernel32

gdi32

version

user32

ole32

msvcrt

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 293KB - Virtual size: 292KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 293KB - Virtual size: 292KB

.rsrc
Size: 1KB - Virtual size: 1KB