aabab68e5d8e84dbefdcb76616e1d315_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

aabab68e5d8e84dbefdcb76616e1d315_JaffaCakes118
Size

544KB
MD5

aabab68e5d8e84dbefdcb76616e1d315
SHA1

e05a1577d52d2b5ad1f8907cffafb2d0e6e7c17a
SHA256

5edfe4f6c42b295030696361fce8a6103cfd80ab8e0e0120ffa9a99dafb80776
SHA512

5da6756451f505372d7a18ab079598db4af5d2c2f03b98a8a9b8f476bff1bb4fe2807434b2bc90899248a0fd19fde1fe5f85cc729bf7c7e4635bcd54c697d44d
SSDEEP

12288:sm+yzOPl2W0hcF42Ml/gbexUmnn02dtIU8dK4M/R2I3:sm+yzy/O/witnbf8dZM/R2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aabab68e5d8e84dbefdcb76616e1d315_JaffaCakes118

Files

aabab68e5d8e84dbefdcb76616e1d315_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7258ce7adaa4406ba38f6d59304217f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\eeopope\fjomaeaeh\eestitavbe\

Imports

comctl32

InitCommonControlsEx

user32

RegisterClassExA
GetNextDlgGroupItem
DrawTextExA
MessageBoxA
CreateWindowExA
CopyImage
ShowWindow
LoadCursorW
RegisterClassA
BringWindowToTop
CopyAcceleratorTableA

kernel32

LoadLibraryA
GetModuleFileNameA
GetLocaleInfoA
GetTimeZoneInformation
FreeLibrary
GetTempFileNameA
GetStringTypeA
TlsFree
GetConsoleCP
SetEnvironmentVariableA
WriteConsoleA
ReadFile
GetCurrentProcess
LCMapStringW
RtlUnwind
VirtualFree
WriteConsoleW
HeapAlloc
GetModuleHandleW
TerminateProcess
GetConsoleMode
GetLocaleInfoW
HeapCreate
CompareStringW
SetStdHandle
SetUnhandledExceptionFilter
GetConsoleOutputCP
HeapDestroy
GetEnvironmentStrings
GetCurrentProcessId
GetEnvironmentStringsW
GetTimeFormatA
GetSystemTimeAsFileTime
VirtualQuery
InterlockedDecrement
UnhandledExceptionFilter
WideCharToMultiByte
GetStringTypeExW
CreateFileA
GetACP
GetCurrentThreadId
SetConsoleCtrlHandler
InterlockedIncrement
GetCPInfo
MultiByteToWideChar
OpenMutexA
GetStringTypeW
ExitProcess
FlushFileBuffers
VirtualAlloc
HeapReAlloc
GetModuleHandleA
HeapFree
GetLastError
SetFilePointer
FreeEnvironmentStringsA
TlsGetValue
CreateMutexA
InitializeCriticalSectionAndSpinCount
SetEvent
GetCurrentThread
GetCommandLineA
GetProcAddress
GetDateFormatA
GetFileType
IsDebuggerPresent
IsValidCodePage
IsValidLocale
GetOEMCP
FreeEnvironmentStringsW
EnterCriticalSection
GetTickCount
InterlockedExchange
GetUserDefaultLCID
DeleteCriticalSection
SetLastError
SetHandleCount
CloseHandle
LeaveCriticalSection
QueryPerformanceCounter
HeapSize
WriteFile
LCMapStringA
Sleep
GetStdHandle
TlsAlloc
CompareStringA
GetStartupInfoA
EnumSystemLocalesA
TlsSetValue
DuplicateHandle

gdi32

PolyDraw
GetRgnBox
GetGlyphOutline
DPtoLP
PolyTextOutW
EnumFontFamiliesA
SetMapperFlags
StartDocW
SetDIBitsToDevice

Sections

.text
Size: 373KB - Virtual size: 372KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7258ce7adaa4406ba38f6d59304217f9

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

kernel32

gdi32

Sections

.text Size: 373KB - Virtual size: 372KB

.rdata Size: 44KB - Virtual size: 58KB

.data Size: 117KB - Virtual size: 117KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 373KB - Virtual size: 372KB

.rdata
Size: 44KB - Virtual size: 58KB

.data
Size: 117KB - Virtual size: 117KB

.rsrc
Size: 8KB - Virtual size: 8KB