e0e58d3e73df7a8f5fbf2e94f13e85d4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e0e58d3e73df7a8f5fbf2e94f13e85d4_JaffaCakes118
Size

668KB
MD5

e0e58d3e73df7a8f5fbf2e94f13e85d4
SHA1

33f865d15e22b873a5dedfa3b587d94d22027ae4
SHA256

728a3b0a318487982ad1b223dd2f1439f8713ea7632da261f0d629399cbab35d
SHA512

b6011a61ab7a8343628a7a8fd8b36bc2a739003fd2636fa7ac504841210c1acf4d1fb283a723df2d4b61f69246162275ae459e537800a5c38a8e3d59b92e41e3
SSDEEP

12288:iIjDShKmQ/hnomGaFIZ3/iAuG1Nba2jkfqAQ9REEv6mB8ECgOiQrT:iY//hnoXXiAvLvgNQ9R56+8GO9rT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0e58d3e73df7a8f5fbf2e94f13e85d4_JaffaCakes118

Files

e0e58d3e73df7a8f5fbf2e94f13e85d4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d3c7af281f946dc120a4a33181d7d6fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\kqjteeg\eyheeb\meoiikcgo.pdb

Imports

kernel32

HeapSize
lstrlenA
LCMapStringA
CreateFileA
GetTimeFormatA
GetOEMCP
SetHandleCount
OutputDebugStringW
GetACP
MultiByteToWideChar
GetStdHandle
GetEnvironmentStrings
ExitProcess
LCMapStringW
FreeLibrary
TlsGetValue
RaiseException
HeapAlloc
GetCurrentProcessId
GetTickCount
WriteConsoleA
GetModuleHandleA
GetDateFormatA
GetEnvironmentStringsW
GetConsoleCP
GetCurrentThread
SetLastError
VirtualAlloc
CompareStringW
VirtualQuery
InterlockedDecrement
GetModuleHandleW
WriteConsoleW
HeapCreate
IsValidCodePage
GetCurrentProcess
LoadLibraryA
IsValidLocale
lstrlen
GetNamedPipeHandleStateW
SetConsoleCtrlHandler
OutputDebugStringA
FlushFileBuffers
HeapDestroy
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
TerminateProcess
SetEnvironmentVariableA
InitializeCriticalSectionAndSpinCount
GetModuleFileNameA
SetFilePointer
CreateMutexA
GetStringTypeW
GetCPInfo
QueryPerformanceCounter
GetProcessHeap
TlsSetValue
InterlockedExchange
Sleep
HeapReAlloc
UnhandledExceptionFilter
EnumSystemLocalesA
IsBadReadPtr
OpenMutexA
CompareStringA
GetLastError
TlsFree
GetCurrentThreadId
VirtualFree
SetStdHandle
LeaveCriticalSection
GetPrivateProfileSectionNamesW
HeapValidate
GetProcAddress
IsDebuggerPresent
GetTimeZoneInformation
LoadLibraryW
WideCharToMultiByte
GetConsoleOutputCP
GetModuleFileNameW
GetUserDefaultLCID
GetCommandLineA
EnterCriticalSection
GetStringTypeA
GetStartupInfoA
HeapFree
GetLocaleInfoW
RtlUnwind
CloseHandle
GetLocaleInfoA
GetProfileIntW
InterlockedIncrement
SetUnhandledExceptionFilter
OpenSemaphoreA
DebugBreak
TlsAlloc
GetConsoleMode
FreeEnvironmentStringsW
GetFileType
WriteFile
ReadFile
GetCalendarInfoW
DeleteCriticalSection
RtlZeroMemory

shell32

SHQueryRecycleBinW
RealShellExecuteA
SHGetPathFromIDList
FreeIconList

comctl32

InitCommonControlsEx

user32

GrayStringA
GetDlgItemTextA
CopyImage
DdeCreateStringHandleA
SetWindowsHookExW
DefDlgProcA
CharLowerBuffA
DdeGetData
OemToCharW
GetMenuItemCount
wvsprintfW
IsDialogMessageA
RegisterClassExA
CreateAcceleratorTableW
GetWindow
RegisterClassA
ReplyMessage
SetDeskWallpaper
NotifyWinEvent
ReuseDDElParam
SetMessageQueue
CharPrevExA

comdlg32

PageSetupDlgA

Sections

.text
Size: 469KB - Virtual size: 469KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 77KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d3c7af281f946dc120a4a33181d7d6fb

Headers

File Characteristics

PDB Paths

Imports

kernel32

shell32

comctl32

user32

comdlg32

Sections

.text Size: 469KB - Virtual size: 469KB

.rdata Size: 77KB - Virtual size: 103KB

.data Size: 107KB - Virtual size: 106KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 469KB - Virtual size: 469KB

.rdata
Size: 77KB - Virtual size: 103KB

.data
Size: 107KB - Virtual size: 106KB

.rsrc
Size: 13KB - Virtual size: 12KB