eda392d4d47225ec111b5ed53db9f4ca_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eda392d4d47225ec111b5ed53db9f4ca_JaffaCakes118
Size

244KB
MD5

eda392d4d47225ec111b5ed53db9f4ca
SHA1

1a3aad72107a460b615bfca3259d734ccdef15f7
SHA256

caba5d5412fa66627abbe7fa5a51f054b1494dac11a2cdcae378a4491523152a
SHA512

1482a085629fcb0fe8515f50a10e71a8c8cdb43850f396ed29a5e5fc7d9d56f8ca23dcc1f77db0930cb00645b6706d666d2458f0737738d077ae907c31d2b8a5
SSDEEP

6144:ixtIQNkDtT50qEAPuHHOxhHpp5fq728b38Dls:mtmlPunO3HrIb0ls

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eda392d4d47225ec111b5ed53db9f4ca_JaffaCakes118

Files

eda392d4d47225ec111b5ed53db9f4ca_JaffaCakes118
.exe windows:4 windows x86 arch:x86

83cbd97656f540dd3e7b7b22386492b9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EndPaint
GetWindowLongW
FillRect
IsIconic
EnableMenuItem
TranslateMDISysAccel
GetMessagePos
FindWindowA
DrawAnimatedRects
GetActiveWindow
KillTimer
DefWindowProcA
CloseClipboard
DispatchMessageW
CharUpperBuffA
IntersectRect
MsgWaitForMultipleObjects
PeekMessageW
SetPropA
wsprintfA
LoadStringA
GetClassNameA
SetMenuItemInfoA
AdjustWindowRectEx
InsertMenuA
GetKeyboardState
IsWindowVisible
IsDialogMessageW
GetWindow
EqualRect
SetRect
UnhookWindowsHookEx
ClientToScreen
SetCapture
WaitMessage
GetMenu
SetScrollPos
GetMenuItemCount
SetWindowPlacement

comctl32

ImageList_Add
ImageList_Remove
ImageList_DragShowNolock
ImageList_Read

comdlg32

GetFileTitleA

shlwapi

PathIsContentTypeA
SHQueryValueExA

oleaut32

VariantChangeType
SafeArrayUnaccessData
OleLoadPicture
SafeArrayGetElement
SysFreeString
SysStringLen

shell32

SHGetFileInfoA
SHGetFolderPathA

kernel32

VirtualFree
GetCurrentThread
InitializeCriticalSection
GlobalFindAtomA
HeapAlloc
LoadLibraryA
WriteFile
CreateFileA
ExitProcess
VirtualAllocEx
ExitThread
CloseHandle
GetVersion
SetErrorMode
LocalReAlloc
GetCommandLineA
GetDateFormatA
LoadResource
VirtualQuery
WideCharToMultiByte
lstrcpyA
GetLocalTime
lstrcatA
GetProcessHeap
LoadLibraryExA
LockResource
GetModuleFileNameA
GetUserDefaultLCID
VirtualAlloc
SizeofResource
GetModuleHandleA
GetACP
lstrcmpiA
LocalFree
HeapFree
GetCurrentThreadId
FindFirstFileA
Sleep
GetTickCount
lstrlenA
MoveFileA
GetFullPathNameA

msvcrt

strcmp
pow
memmove

version

GetFileVersionInfoSizeA
VerInstallFileA

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 213KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83cbd97656f540dd3e7b7b22386492b9

Headers

File Characteristics

Imports

user32

comctl32

comdlg32

shlwapi

oleaut32

shell32

kernel32

msvcrt

version

Sections

.text Size: 28KB - Virtual size: 28KB

.idata Size: 1024B - Virtual size: 608B

.edata Size: 213KB - Virtual size: 213KB

.text
Size: 28KB - Virtual size: 28KB

.idata
Size: 1024B - Virtual size: 608B

.edata
Size: 213KB - Virtual size: 213KB