e0fa663a2b37eff802a11f6b46c508c0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e0fa663a2b37eff802a11f6b46c508c0_JaffaCakes118
Size

266KB
MD5

e0fa663a2b37eff802a11f6b46c508c0
SHA1

e9b46c337a69bd4c6442e3224e8f622c6ff6de31
SHA256

ba10925ea265e619879b6f2ac40d8204944e1241fd38b3352e76b0691fa3f970
SHA512

008e392b844a57eec350363104c1e21791e37519a783ebee85c7f60350a4141f830db343606f78028e86c8dd7706f983a6f0603c515300548cdc6a08ff442a2b
SSDEEP

6144:GptEopFkOdEWR9fGzEt0afHSVZa0LoqzB2ggLo27wzN+8vIlj:cJRpGuaTaQoAyo279H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0fa663a2b37eff802a11f6b46c508c0_JaffaCakes118

Files

e0fa663a2b37eff802a11f6b46c508c0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3e5d4a74a8f4bb90fe9bd361a8943d70

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCreateKeyExW
RegOpenKeyExA
RegQueryValueExA
RegQueryValueW

kernel32

ConvertThreadToFiber
CreateFileW
ExitProcess
InitializeCriticalSection
SetUnhandledExceptionFilter
TlsSetValue

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
abort
atexit
memcpy
signal
strcpy
wcscpy

user32

AppendMenuW
ChildWindowFromPoint
CreateIconIndirect
CreatePopupMenu
DefMDIChildProcW
DestroyCursor
DestroyIcon
DispatchMessageW
DrawFrameControl
DrawStateW
EnableMenuItem
EndPaint
EnumClipboardFormats
EnumWindows
GetCapture
GetClassNameW
GetClipboardData
GetClipboardFormatNameW
GetDC
GetFocus
GetForegroundWindow
GetKeyState
GetMessagePos
GetSysColor
GetSystemMenu
GetUpdateRect
GetWindowTextW
InvalidateRect
IsDialogMessageW
IsWindow
LoadImageW
MessageBeep
MessageBoxW
MoveWindow
OffsetRect
OpenClipboard
PostMessageW
PtInRect
RedrawWindow
RegisterClassW
ReleaseCapture
SetCapture
SetForegroundWindow
SetParent
SetWindowPos
ShowWindow
UnregisterHotKey
UpdateWindow
ValidateRect

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 418KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e5d4a74a8f4bb90fe9bd361a8943d70

Headers

File Characteristics

Imports

advapi32

kernel32

msvcrt

user32

Sections

.text Size: 15KB - Virtual size: 15KB

.data Size: 512B - Virtual size: 148B

.idata Size: 2KB - Virtual size: 2KB

.rdata Size: 1024B - Virtual size: 576B

.bss Size: - Virtual size: 418KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 15KB - Virtual size: 15KB

.data
Size: 512B - Virtual size: 148B

.idata
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1024B - Virtual size: 576B

.bss
Size: - Virtual size: 418KB

.rsrc
Size: 24KB - Virtual size: 23KB