3290130f8808ecf47566e8d0cf7b1a8d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3290130f8808ecf47566e8d0cf7b1a8d_JaffaCakes118
Size

356KB
MD5

3290130f8808ecf47566e8d0cf7b1a8d
SHA1

1124c049afd13f1aa04e27ed2b94a42ff0cf7ad2
SHA256

13e7c87ea6175b80f8fb102158b907b7583eb2f27b23c0ab6a9cb88c5cdd3364
SHA512

8077a5b476ce4445c439b2f447e88e6a647d1a68307c5c07c99ec56ade8b47b06c2e01617f1b775cfc4ba411feed652dbd51529e0cc18977d6bf555cc1221cc0
SSDEEP

6144:4GjJcBxTpASrCw8gZ+UmDVzi8hBwX5CNwB036qFjsL9ULDXtlPj4mbCubvyEr:4TxiGge8h6X5CNwB03zFApULDXtlr4mn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3290130f8808ecf47566e8d0cf7b1a8d_JaffaCakes118

Files

3290130f8808ecf47566e8d0cf7b1a8d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

879e08c36cf74ae1337674b87c07e16e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\EJOSTAE\EOOI.PDB

Imports

kernel32

FreeEnvironmentStringsW
WriteFile
GetModuleHandleA
InitializeCriticalSection
TlsSetValue
GetCommandLineA
CompareStringW
GetVersion
TerminateProcess
CompareStringA
RtlUnwind
GetCPInfo
GetModuleFileNameA
GetACP
InterlockedDecrement
GetFileType
GetSystemTimeAsFileTime
SetStdHandle
SetHandleCount
GetProcAddress
FreeEnvironmentStringsA
SetFilePointer
LCMapStringA
WaitForSingleObject
GetEnvironmentStrings
ReadFile
CreateMutexA
SetConsoleTitleW
GetCurrentProcessId
GetStdHandle
UnhandledExceptionFilter
GetLastError
GetStringTypeA
HeapReAlloc
QueryPerformanceCounter
IsBadWritePtr
GetLocalTime
GetCurrentThread
GetUserDefaultLangID
GetTimeZoneInformation
VirtualFree
HeapFree
InterlockedIncrement
OpenMutexA
ResetEvent
LeaveCriticalSection
SetLastError
VirtualProtect
VirtualQuery
GetCurrentProcess
LCMapStringW
GetTickCount
DeleteCriticalSection
GetSystemTime
EnterCriticalSection
HeapCreate
TlsFree
SetLocaleInfoW
FlushFileBuffers
GetCurrentThreadId
WideCharToMultiByte
VirtualAlloc
GetOEMCP
GetStringTypeW
WritePrivateProfileStringW
TlsAlloc
GetEnvironmentStringsW
HeapAlloc
GetStartupInfoA
ExitProcess
LoadLibraryA
MultiByteToWideChar
HeapDestroy
SetEnvironmentVariableA
InterlockedExchange
TlsGetValue
CloseHandle

user32

GetMenuItemRect
CloseClipboard
SetSystemCursor
CreateMenu
CreateWindowStationA
CharNextW
SetWindowsHookExW
GetKeyState
ExitWindowsEx
RegisterClipboardFormatW
ChangeClipboardChain
DdeSetQualityOfService
RegisterClassExA
DdeQueryNextServer
RegisterClassA
MapDialogRect
GetOpenClipboardWindow
OpenWindowStationW
OpenIcon
IsClipboardFormatAvailable
DdeCreateDataHandle

comctl32

InitCommonControlsEx

Sections

.text
Size: 217KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

879e08c36cf74ae1337674b87c07e16e

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

comctl32

Sections

.text Size: 217KB - Virtual size: 216KB

.rdata Size: 29KB - Virtual size: 34KB

.data Size: 93KB - Virtual size: 93KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 217KB - Virtual size: 216KB

.rdata
Size: 29KB - Virtual size: 34KB

.data
Size: 93KB - Virtual size: 93KB

.rsrc
Size: 15KB - Virtual size: 15KB