e1c981377a80b770c7d088c2882fb4b8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e1c981377a80b770c7d088c2882fb4b8_JaffaCakes118
Size

27KB
MD5

e1c981377a80b770c7d088c2882fb4b8
SHA1

03e329957e4bf1a63c4c1f30a95fc21677ab25d8
SHA256

fc11a3bcffbcd623f1522495b01856fe54606fba0aa3cf62b3e04995ca9af37d
SHA512

5b6611250426ade5b008c76c6fe755716da498a8f511a0636e536522549acd693c23772588938a77b4c2dcc82099f021c238a98e51fba08e47195cdd881b0665
SSDEEP

768:TKZt0tAXcMXPXWDpiaM1bgx9ewruwcw0ZI+CqP9J:4cwI9e2BcwcI+CI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1c981377a80b770c7d088c2882fb4b8_JaffaCakes118

Files

e1c981377a80b770c7d088c2882fb4b8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d8e545fbef98b38cd3a15edb7f14b228

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
GetModuleFileNameA
OpenEventA
WaitForSingleObject
DeleteFileA
ExitThread
TerminateThread
GetTickCount
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetFileAttributesW
ResetEvent
WaitForMultipleObjects
lstrcmpA
CreateToolhelp32Snapshot
Process32First
Process32Next
CompareStringA
lstrcpyA
SetFileAttributesA
WinExec
CloseHandle
lstrlenA
MultiByteToWideChar
Sleep
FindResourceA
LoadResource
SizeofResource
CreateFileA
WriteFileEx
WaitForSingleObjectEx
CreateProcessA
RtlUnwind
HeapAlloc
GetProcessHeap
HeapFree
ExitProcess
GetCommandLineA
CreateEventA
SetEvent
GetLastError
CreateThread
GetSystemDirectoryA

user32

ShowWindow
SetWindowTextA
CreateWindowExA
TranslateMessage
DispatchMessageA
PeekMessageA
MsgWaitForMultipleObjects
RegisterClassA
CreateWindowExW
wsprintfA
DefWindowProcA
PostQuitMessage
DestroyWindow
MessageBoxA
LoadIconA
FindWindowA
wsprintfW

advapi32

RegSetValueExA
RegCreateKeyA
RegSetValueExW
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegNotifyChangeKeyValue

shell32

Shell_NotifyIconA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

SysAllocString
SysFreeString

wininet

InternetGetConnectedState

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8e545fbef98b38cd3a15edb7f14b228

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

wininet

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 9KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 9KB

.rsrc
Size: 10KB - Virtual size: 10KB