a2eba70eb5da4a08fb6a846f17916afb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a2eba70eb5da4a08fb6a846f17916afb_JaffaCakes118
Size

547KB
MD5

a2eba70eb5da4a08fb6a846f17916afb
SHA1

ec43fd96f81be81194539381c12e3853350d900d
SHA256

751a8a0428a55f2efa91c80c9a628a10586bcde14780eb8c322c65f505dd9a62
SHA512

5bdf4ea79e0ce742427e557c0b2100bc721db2fcc4e117632108b1dde0269c161f747950279f439ec0add693b10611f8a19a507468ad1d93a6323e775ff3aa93
SSDEEP

12288:aLPUQlzgSdLl7wQTgr690AxI4a1uCFzeurGO4gImXYvVBaLri:aLPUQlzZdLZJ10AxI4/u9NXUBaq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2eba70eb5da4a08fb6a846f17916afb_JaffaCakes118

Files

a2eba70eb5da4a08fb6a846f17916afb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

73776cea99b68d06d3fb1282eb681c78

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumTimeFormatsA
InterlockedExchange
GetVersionExA
LCMapStringW
TlsSetValue
GetTimeFormatA
UnhandledExceptionFilter
GetEnvironmentStringsW
SetEndOfFile
MapViewOfFile
VirtualAlloc
IsValidCodePage
GetCurrentProcess
OpenMutexA
GetLastError
GetProcAddress
HeapDestroy
GetSystemTimeAsFileTime
GetModuleFileNameA
CloseHandle
LoadLibraryA
SetFilePointer
GetOEMCP
TlsAlloc
GetCurrentThread
FreeEnvironmentStringsA
GetCurrentProcessId
GetStartupInfoA
ContinueDebugEvent
EnterCriticalSection
GetShortPathNameA
LocalCompact
GetDateFormatA
GetEnvironmentStrings
InitializeCriticalSection
GetCPInfo
HeapFree
GetStringTypeW
GlobalGetAtomNameA
WriteFile
GetUserDefaultLCID
MultiByteToWideChar
WaitForSingleObjectEx
GetCommandLineA
EnumDateFormatsW
TlsFree
VirtualQuery
GetModuleHandleA
GetStdHandle
GetCurrentThreadId
LeaveCriticalSection
GetNamedPipeHandleStateA
GetStringTypeA
CompareStringA
TerminateProcess
GetThreadPriority
GetModuleFileNameW
EnumSystemLocalesA
IsBadWritePtr
SetHandleCount
HeapCreate
ReadFile
ReleaseSemaphore
SetStdHandle
DeleteCriticalSection
TlsGetValue
GetTickCount
GetTempFileNameA
HeapReAlloc
IsValidLocale
CreateMutexA
GetSystemInfo
RtlUnwind
VirtualProtect
FindClose
QueryPerformanceCounter
CompareStringW
LCMapStringA
SetLastError
HeapAlloc
WideCharToMultiByte
VirtualFree
FreeEnvironmentStringsW
GetFileType
GetACP
SetEnvironmentVariableA
GetLocaleInfoA
FindFirstFileExW
GetTimeZoneInformation
ExitProcess
HeapSize
GetCompressedFileSizeW
FlushFileBuffers
GetLocaleInfoW
GetSystemTime

user32

DlgDirListComboBoxW
GetClassLongW
GetKeyboardLayoutNameW
RegisterClassExA
SetThreadDesktop
SetScrollInfo
DrawFocusRect
RegisterClassA
LoadStringW
ChangeDisplaySettingsExW
DdeNameService
SetMessageExtraInfo
GetIconInfo
GetMenuItemRect
GetMessagePos
FrameRect
GetClassNameA
DdeDisconnect

gdi32

GetTextExtentPointW
CreateColorSpaceA
DeleteEnhMetaFile
CloseFigure
CreateHatchBrush
GetFontLanguageInfo
FillRgn
DeleteColorSpace
EndPage
GetPixelFormat
EnumICMProfilesW
CreateBitmapIndirect
EnumFontFamiliesW
CreateDCA
GetKerningPairsW
GetEnhMetaFileA
GetColorAdjustment
ExtCreatePen
ArcTo
GdiSetBatchLimit
FixBrushOrgEx

comctl32

InitCommonControlsEx

Sections

.text
Size: 218KB - Virtual size: 217KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 316KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73776cea99b68d06d3fb1282eb681c78

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comctl32

Sections

.text Size: 218KB - Virtual size: 217KB

.rdata Size: 8KB - Virtual size: 12KB

.data Size: 316KB - Virtual size: 315KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 218KB - Virtual size: 217KB

.rdata
Size: 8KB - Virtual size: 12KB

.data
Size: 316KB - Virtual size: 315KB

.rsrc
Size: 4KB - Virtual size: 3KB