03eebeadb02c30d3048d729b6097a3d7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

03eebeadb02c30d3048d729b6097a3d7_JaffaCakes118
Size

568KB
MD5

03eebeadb02c30d3048d729b6097a3d7
SHA1

8e5f3d4b1d9e8a88daaade8a6957c5cf005e8a0d
SHA256

7ffaa7f330734d1ea2c3588ac5edb65a40c609544f6fbee2c7b953d44394f3e9
SHA512

4db40d8e1ddcc473156b24daecec2c7fadf81fb533f5d7921b81d80aa4f4338422f6a1af936b75befef84b5d22ad248bf802a928be00cc443b5b2d6cc4e06d16
SSDEEP

12288:BxL5kw1RJATNMG6/fP2HCnOzhwtFQANc5SebHGlhkx:Bxlkw1RcNMGIP21z6t2ANc0ewh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03eebeadb02c30d3048d729b6097a3d7_JaffaCakes118

Files

03eebeadb02c30d3048d729b6097a3d7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c4d19677d32e5fd5a55bc05f34c6aeb4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenMutexA
GetModuleHandleA
CompareStringA
HeapDestroy
EnterCriticalSection
GetLocaleInfoW
lstrcpynW
TlsAlloc
ReadConsoleOutputCharacterA
GetLastError
WriteConsoleInputA
GetCurrentProcess
VirtualFree
FlushFileBuffers
GetStartupInfoA
SetStdHandle
GetVersionExA
WideCharToMultiByte
GetEnvironmentStrings
LoadLibraryA
GetProcAddress
TlsGetValue
IsValidCodePage
TlsSetValue
GetCurrencyFormatW
UnhandledExceptionFilter
GetCurrentThread
HeapCreate
MultiByteToWideChar
GetUserDefaultLCID
FreeEnvironmentStringsA
GetCPInfo
LCMapStringA
IsDebuggerPresent
IsValidLocale
QueryPerformanceCounter
GetSystemTimeAsFileTime
InterlockedExchange
GetCurrentThreadId
VirtualQuery
GetDateFormatA
GetACP
GetProcessShutdownParameters
HeapSize
GetStringTypeA
CloseHandle
GetStdHandle
UnmapViewOfFile
IsBadWritePtr
SetLastError
CreateNamedPipeW
GetTickCount
InitializeCriticalSection
FreeEnvironmentStringsW
GetEnvironmentStringsW
LeaveCriticalSection
WriteConsoleInputW
GetOEMCP
GetStringTypeW
ReadFile
GetModuleFileNameA
CompareStringW
HeapFree
WriteFile
DeleteCriticalSection
ReleaseSemaphore
GetTempFileNameA
RtlUnwind
VirtualAlloc
TerminateProcess
LoadResource
HeapAlloc
GetCommandLineA
GetSystemInfo
VirtualProtect
TlsFree
GetFileType
SetFilePointer
GetLocaleInfoA
SetEnvironmentVariableA
SetHandleCount
GetCurrentProcessId
CreateMutexA
GetConsoleCP
GetModuleHandleW
ExitProcess
EnumSystemLocalesA
LCMapStringW
GetTimeZoneInformation
SetCriticalSectionSpinCount
HeapReAlloc
GetTimeFormatA

comctl32

InitCommonControlsEx

shell32

CommandLineToArgvW
SHGetNewLinkInfo
SHGetFileInfoA

user32

RegisterClassA
LoadBitmapW
DdeNameService
GetWindowTextLengthW
CreateDialogIndirectParamA
GetAltTabInfo
LoadBitmapA
InvalidateRgn
RegisterClassExA
GetCapture
GetClipboardFormatNameW
GetMenuItemInfoW
SetUserObjectInformationW
GetAsyncKeyState

comdlg32

ChooseFontW
LoadAlterBitmap
PageSetupDlgW

Sections

.text
Size: 227KB - Virtual size: 227KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c4d19677d32e5fd5a55bc05f34c6aeb4

Headers

File Characteristics

Imports

kernel32

comctl32

shell32

user32

comdlg32

Sections

.text Size: 227KB - Virtual size: 227KB

.rdata Size: 8KB - Virtual size: 13KB

.data Size: 314KB - Virtual size: 314KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 227KB - Virtual size: 227KB

.rdata
Size: 8KB - Virtual size: 13KB

.data
Size: 314KB - Virtual size: 314KB

.rsrc
Size: 17KB - Virtual size: 16KB