e1a67ec853e196a09e9c88d0b71434dd_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e1a67ec853e196a09e9c88d0b71434dd_JaffaCakes118
Size

151KB
MD5

e1a67ec853e196a09e9c88d0b71434dd
SHA1

b6cab77c17f42b2730d0bd6b5da3b6c9d17cbebc
SHA256

632d25ea7d63b8d55839bde5c14d925683392a84667a2fef80189e4831b153ec
SHA512

61c6d20ac964c4fae5caa8601ef0312f2d05e26a85e3d5464855f6843a8c4539f4d4bdb6b0b197d91f0ce47c48680a3fde11a2fa359fe4a7d78df2b17e61d548
SSDEEP

1536:q0LkQUCoQBl8nEvdaax5clE4EIi6aFfI6WtJKKD0SET4Bo7ouMLBcYfHGe6t7xwH:q6rsKtT4BE43HGNJyQkQDG1OxozJ2jKj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1a67ec853e196a09e9c88d0b71434dd_JaffaCakes118

Files

e1a67ec853e196a09e9c88d0b71434dd_JaffaCakes118
.exe windows:1 windows x86 arch:x86

c5bf3859fa9657513ef780215214c59a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
__setusermatherr
_initterm
__p__commode
_XcptFilter
_exit
_wremove
__p__fmode
__set_app_type
memcpy
_strrev
_adjust_fdiv
_beginthread
wcschr
_fpclass
_ismbcsymbol
_acmdln
exit
strlen
_wmakepath
_wutime
_mbscpy
fgets
_except_handler3
__getmainargs
_onexit

kernel32

HeapCreate
CreateThread
GetStringTypeW
GetEnvironmentStrings
OpenProcess
VirtualFree
GetVersion
RaiseException
CreateFileA
SearchPathA
GetLastError
GetNumberFormatA
WriteConsoleA
SetEnvironmentVariableA
GetModuleHandleA
SizeofResource
IsBadStringPtrA
GetModuleFileNameA
GetCurrentProcessId
FindResourceA
VirtualProtect
LCMapStringA
GetStartupInfoA
GetDateFormatA
HeapAlloc
SetUnhandledExceptionFilter
Sleep
GlobalReAlloc
UnhandledExceptionFilter
TlsGetValue
GetCurrentThreadId
GetProcessAffinityMask
IsBadReadPtr
SetErrorMode
IsDebuggerPresent
GetCommandLineA
Module32First

user32

GetSystemMetrics
EnumChildWindows
EndDialog
IsZoomed
GetForegroundWindow
LoadImageA
SetWindowLongA
PostMessageA
GetParent
SetDlgItemTextA
CopyRect
LoadMenuA
GetActiveWindow
EndDeferWindowPos
OffsetRect
ScreenToClient
MoveWindow
GetClassNameA
DestroyWindow
CreateWindowExA
GetDlgItemTextA
PtInRect
SetWindowPos
GetWindowDC
UnionRect
ShowWindow
SendMessageA
GetDlgItem
GetFocus
BeginPaint
SetPropA
DrawFrameControl
SetCursor
FindWindowA
GetClientRect
GetWindowRect
UpdateWindow
EndPaint
InvalidateRect
CallWindowProcA
GetMenu
DefWindowProcA
LoadIconA
DialogBoxParamA
LoadAcceleratorsA
BeginDeferWindowPos
ChildWindowFromPoint
GetDC

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 97KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5bf3859fa9657513ef780215214c59a

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

Sections

.text Size: 18KB - Virtual size: 17KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 97KB - Virtual size: 128KB

.rsrc Size: 27KB - Virtual size: 26KB

.text
Size: 18KB - Virtual size: 17KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 97KB - Virtual size: 128KB

.rsrc
Size: 27KB - Virtual size: 26KB