2e7eff7109305d41d0fb8bfd6ad8eaa3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e7eff7109305d41d0fb8bfd6ad8eaa3_JaffaCakes118
Size

106KB
MD5

2e7eff7109305d41d0fb8bfd6ad8eaa3
SHA1

b1deb98d955c736ffdac1a0497d008f13bdf3d7a
SHA256

96eeb64c504c208d0dd9326baf211e030100d8931651014d6bbb5d8a7032b60e
SHA512

4aa112808cf78e16d3ace852cf276bd61bc0ddd92102a14fecb5910a83c8790128b49cc0d7922969c0e1bd8486a03e94de41ff2d83793c55565196f617186241
SSDEEP

1536:PoHPsTF8QWlJkSJVtqCvOmpR58V8rsKTqECtOBUFQX1n/WYG7V4tb:tWVqiS8rsKmD+UFktG7V4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e7eff7109305d41d0fb8bfd6ad8eaa3_JaffaCakes118

Files

2e7eff7109305d41d0fb8bfd6ad8eaa3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

017006d1c5e500e7b16d79353466e867

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerFindFileA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

GetModuleFileNameA
GetCurrentThreadId
GetProcAddress
VirtualAlloc
VirtualQuery
EnumCalendarInfoA
ExitProcess
GetVersion
GetFileType
ExitThread
VirtualAllocEx
lstrcmpiA
GetEnvironmentStrings
GetCommandLineA
GetModuleHandleA
FreeLibrary
SetEvent
ResetEvent
SetErrorMode
CompareStringA
HeapDestroy
HeapAlloc
DeleteFileA

shell32

DragQueryFileA
SHGetDiskFreeSpaceA

user32

SetCursor
GetCursorPos
GetWindowDC
IsIconic
GetWindowPlacement
LoadKeyboardLayoutA
GetKeyboardState
CharNextW
SetMenuItemInfoA
GetScrollPos
SetPropA
GetMenuState
RegisterClassA
EndPaint
InvalidateRect
DefMDIChildProcA
GetMenuStringA
ScreenToClient
GetScrollInfo
IsRectEmpty
EmptyClipboard
IsChild
InflateRect
FillRect
SetScrollInfo
GetWindowLongW
AdjustWindowRectEx
GetKeyboardLayoutNameA
ShowOwnedPopups
GetFocus
GetSysColor
GetLastActivePopup
RedrawWindow
CharLowerA
UnregisterClassA
GetCapture
DrawAnimatedRects
TranslateMDISysAccel
GetDesktopWindow
CloseClipboard
SetWindowLongA
IsDialogMessageA
IsWindowEnabled
SetScrollRange
GetCursor
CharToOemA
LoadIconA
RemovePropA
ActivateKeyboardLayout
CreateIcon
TrackPopupMenu
MapVirtualKeyA
SetForegroundWindow
DestroyIcon
ReleaseCapture
OpenClipboard
CharNextA
ClientToScreen
GetIconInfo
CharLowerBuffA
EnumChildWindows
wsprintfA

gdi32

CreateDIBSection
GetCurrentPositionEx
GetClipBox
SetBkColor
SaveDC
GetRgnBox
GetPaletteEntries
CreatePalette

Sections

CODE
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

017006d1c5e500e7b16d79353466e867

Headers

File Characteristics

Imports

version

kernel32

shell32

user32

gdi32

Sections

CODE Size: 32KB - Virtual size: 31KB

.rdata Size: 3KB - Virtual size: 2KB

DATA Size: 69KB - Virtual size: 69KB

CODE
Size: 32KB - Virtual size: 31KB

.rdata
Size: 3KB - Virtual size: 2KB

DATA
Size: 69KB - Virtual size: 69KB