e0aafaa5a81f28660b80dfa27f9ef4d2_JaffaCakes118

General

Target

e0aafaa5a81f28660b80dfa27f9ef4d2_JaffaCakes118
Size

41KB
MD5

e0aafaa5a81f28660b80dfa27f9ef4d2
SHA1

dd746783b9593fe3c318e141fcf3e5fb42c86383
SHA256

1a4f17f9941823bfd6ae2bd2ef2253172997bc7607218528dbc5e94e621678ba
SHA512

a9f6e8189b8cbb6fe11524984519acd6a9d9101ecb040d4090f086595d5ad05f609991a3dafc10e5dea568c2632b10ebf61709f127733c08254fc8fa7d098cab
SSDEEP

768:y9NliYmCs8H/XEEhJouJbZslUgzm80ITuE:IXsU/XFoN6km80suE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0aafaa5a81f28660b80dfa27f9ef4d2_JaffaCakes118

Files

e0aafaa5a81f28660b80dfa27f9ef4d2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

38c7eee57875188fcff1eaf8b3d0413d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
lstrcmpA
CreateProcessA
GetTempPathA
CopyFileA
lstrcatA
lstrcpyA
GetModuleHandleA
GetProcAddress
GetVersionExA
LCMapStringA
LoadLibraryA
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetVersion
GetCommandLineA
LCMapStringW
GetCurrentProcess
TerminateProcess
GetStartupInfoA
ExitProcess

user32

MessageBeep
DestroyWindow
LoadIconA
EnableWindow
DdeConnect
DdeClientTransaction
DdeDisconnect
DdeFreeStringHandle
DdeUninitialize
PostQuitMessage
ShowWindow
wsprintfA
LoadCursorA
GetDlgItem
GetCursorPos
RegisterClassExA
PtInRect
SetWindowLongA
InvalidateRect
BeginPaint
EndPaint
GetDesktopWindow
GetWindowDC
ReleaseDC
GetParent
ScreenToClient
MoveWindow
CharLowerA
GetWindowLongA
GetWindowRect
MapWindowPoints
DrawTextA
GetWindowTextA
DdeInitializeA
DdeCreateStringHandleA
CreateDialogParamA
SetForegroundWindow
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
IsWindowVisible
KillTimer
SetDlgItemTextA
MessageBoxA
SetClassLongA
SetTimer
DefWindowProcA

gdi32

SetBkMode
CreateFontIndirectA
GetObjectA
GetStockObject
DeleteObject
SelectObject
SetTextColor
GetTextExtentPoint32A

advapi32

RegOpenKeyA
RegQueryValueExA
RegQueryInfoKeyA
RegDeleteKeyA
RegCloseKey

shell32

ShellExecuteA
SHFileOperationA

Sections

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

38c7eee57875188fcff1eaf8b3d0413d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.data Size: 20KB - Virtual size: 20KB

.rsrc Size: 20KB - Virtual size: 19KB

.data
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 20KB - Virtual size: 19KB