e1ebe7d30cc5a030041d535d2140ff5c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e1ebe7d30cc5a030041d535d2140ff5c_JaffaCakes118
Size

50KB
MD5

e1ebe7d30cc5a030041d535d2140ff5c
SHA1

cb053ea5dea5afd49fe5b55bbad006f96aac2507
SHA256

1238e3e61f1516cbe4843da3134c94e08f66b04998c8f4c39b4216cff165b7fa
SHA512

24e8173208bc78d84bc6997d48e47296b30b4b962c0121686a4bd29535f63860992ed86250b3a0a39ce4dd642ae2f0d6fed61fef8fc78b4160955590f4743ef4
SSDEEP

384:TLgubgqUMNeLNek+vD+5giEyV/X/diEDc30IlT3y6iIEQUOFgj:Tu0yrOjT34IEogj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1ebe7d30cc5a030041d535d2140ff5c_JaffaCakes118

Files

e1ebe7d30cc5a030041d535d2140ff5c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cb3e5b467d84bf8e64f2f8f6987a32b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeConsole
LoadLibraryExW
GetCommandLineA
CloseHandle
CreateMutexA
GetDriveTypeA
GetTickCount
EnumResourceTypesA
ReleaseMutex
FindClose
SetLastError
DeleteCriticalSection
GetDiskFreeSpaceExW
GetLastError
GetModuleHandleA
VirtualProtect
TlsGetValue
GetExitCodeProcess
GetComputerNameA
Sleep

shell32

ShellAboutA
SHFree
DuplicateIcon
ShellMessageBoxA
ExtractIconA
SHGetDiskFreeSpaceA
DragFinish
DllUnregisterServer
DragQueryFileA
DragAcceptFiles
StrChrA
SHGetMalloc
SHGetSettings

printui

bPrinterSetup
bFolderGetPrinter
vPrinterPropPages
vQueueCreate
PnPInterface

user32

MessageBoxA

Sections

.text
Size: 1024B - Virtual size: 632B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bbgxzkc
Size: - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mqolwpm
Size: - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wlyvaem
Size: - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

iodnndt
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cb3e5b467d84bf8e64f2f8f6987a32b3

Headers

File Characteristics

Imports

kernel32

shell32

printui

user32

Sections

.text Size: 1024B - Virtual size: 632B

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 522B

.rsrc Size: 44KB - Virtual size: 78KB

bbgxzkc Size: - Virtual size: 30KB

mqolwpm Size: - Virtual size: 34KB

wlyvaem Size: - Virtual size: 34KB

iodnndt Size: - Virtual size: 6KB

.text
Size: 1024B - Virtual size: 632B

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 522B

.rsrc
Size: 44KB - Virtual size: 78KB

bbgxzkc
Size: - Virtual size: 30KB

mqolwpm
Size: - Virtual size: 34KB

wlyvaem
Size: - Virtual size: 34KB

iodnndt
Size: - Virtual size: 6KB