e156b78cb30296f4cbf2536fcddb2a4b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e156b78cb30296f4cbf2536fcddb2a4b_JaffaCakes118
Size

848KB
MD5

e156b78cb30296f4cbf2536fcddb2a4b
SHA1

65de4ec7da32da5f39bee852fdad5cf2c85a7194
SHA256

777c710a4fa68ab677bfca70416b1e4f7e991aadb754dc47a0dc2b0bf3623894
SHA512

405ac7e89223ced08598be295be0471ea2ec76661a0c8e74d14e37d940aa3cee001c65badf51a5bda19f8fd2466ca1f814912ae88a92efa55432615124d507ce
SSDEEP

12288:ElA6iUGZmU09UJmE/oP3C+dpPbuFPCOY2oMRbIiZNAkTf73k9+SA1eFo0Ouv84C:RNCy43C+dhbtiXZNZmyUfE4C1v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e156b78cb30296f4cbf2536fcddb2a4b_JaffaCakes118

Files

e156b78cb30296f4cbf2536fcddb2a4b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

81830f1c3c95f19d00b169af72da0732

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenMutexW
GetTempPathW
EnumerateLocalComputerNamesA
RemoveVectoredExceptionHandler
GetTickCount
GetCommTimeouts
DnsHostnameToComputerNameW
GetVolumePathNamesForVolumeNameA
VirtualAlloc
EnumSystemCodePagesA
Heap32Next
UTRegister
AttachConsole
GetPrivateProfileSectionNamesW
GetBinaryType
GetConsoleFontSize
FlushInstructionCache
GetNumaNodeProcessorMask
IsValidCodePage
ReadFileScatter
Module32Next
LoadLibraryA
SearchPathA

msvcrt

_ismbchira
_heapused
wcschr
_cexit
_wspawnvpe
asctime
_CIatan
_fstat64
_wexecl
__p__osver
_mbsstr
signal
_safe_fprem
_wfindfirsti64
exp

winmm

mciSendCommandA
mixerGetLineControlsA
waveOutPrepareHeader
mciGetDriverData
waveInStop
PlaySoundW
joy32Message
mixerGetNumDevs
sndPlaySoundW
midiInAddBuffer
waveOutClose
CloseDriver
joyGetPos
mmioSetBuffer
waveOutGetNumDevs

msoert2

AppendTempFileList
HrGetStreamPos
HrIndexOfMonth
PszScanToCharA
PszDupA
CreateTempFile
GetHtmlCharset
CopyRegistry
FIsEmptyA
CreateNotify
MessageBoxInstW
ChConvertFromHex
CchFileTimeToDateTimeW
CreateStreamOnHFileW
HrGetCertificateParam
CreateSystemHandleName
FIsValidFileNameCharA
PszAllocA
HrFindInetTimeZone

user32

RegisterClassA
DefWindowProcA
PostQuitMessage

Sections

.text
Size: 717KB - Virtual size: 716KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81830f1c3c95f19d00b169af72da0732

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

winmm

msoert2

user32

Sections

.text Size: 717KB - Virtual size: 716KB

.rdata Size: 124KB - Virtual size: 123KB

.data Size: 3KB - Virtual size: 1.4MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 717KB - Virtual size: 716KB

.rdata
Size: 124KB - Virtual size: 123KB

.data
Size: 3KB - Virtual size: 1.4MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB