e2efb26151a3a5c2e9b4d144e296b025_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e2efb26151a3a5c2e9b4d144e296b025_JaffaCakes118
Size

304KB
MD5

e2efb26151a3a5c2e9b4d144e296b025
SHA1

b932bdcf98af633a2f7c69520175ad05700b5a60
SHA256

e93041777d59c7ffaac50f59021867165b51fec031a831344e841b96c9eee285
SHA512

0dc0115d329b0cccfbe393fd51d08632be59a20356fa73cb6cf8a61dfa1affda25dc0b0a979e5ad50f346b4b9ec8fb499e62a966c09fdc8607686fd48800d113
SSDEEP

6144:Q0q7I4TBHaaLw+7EnQuwSbT0lLHD/q+VpZuAi:Qj7Im6T6M3wSn85pZuf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e2efb26151a3a5c2e9b4d144e296b025_JaffaCakes118

Files

e2efb26151a3a5c2e9b4d144e296b025_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0e7d128d4b5992167d25f1aac82b8e5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

EWJtCompositionWinwre.pdb

Imports

msacm32

acmDriverEnum

crypt32

CryptInstallDefaultContext

winspool.drv

GetPrinterW
DocumentPropertiesW
EndDocPrinter

wininet

FtpOpenFileA

shlwapi

SHCopyKeyW
StrToIntExW

secur32

QuerySecurityPackageInfoW

opengl32

glMapGrid1f

setupapi

SetupDiEnumDeviceInfo
SetupGetLineTextA
SetupDiBuildClassInfoListExW
SetupDiGetClassInstallParamsA
SetupQueueCopyIndirectW

winmm

PlaySoundW

advapi32

RegDisablePredefinedCacheEx
CreateRestrictedToken
TreeResetNamedSecurityInfoW
SetSecurityDescriptorSacl
LookupPrivilegeValueW

esent

JetCommitTransaction

user32

TrackPopupMenuEx
ModifyMenuA
MonitorFromPoint
TranslateAcceleratorA
IsClipboardFormatAvailable

ws2_32

listen

msvfw32

ICCompressorFree

ole32

CoGetObject

rasapi32

RasSetCustomAuthDataW

imm32

ImmSetCompositionWindow
ImmSimulateHotKey

wintrust

WTHelperGetProvSignerFromChain

rpcrt4

UuidToStringW
I_RpcSessionStrictContextHandle
RpcBindingSetAuthInfoExA

oleaut32

SafeArrayLock
CreateTypeLi

kernel32

GetSystemWow64DirectoryA
GetDefaultCommConfigA
CopyFileA
CallNamedPipeW
OpenSemaphoreA
GetModuleHandleA
UnhandledExceptionFilter
GetNamedPipeHandleStateA
FindCloseChangeNotification
CreateSemaphoreA

gdi32

CreateMetaFileA
GetTextExtentExPointA
CreateSolidBrush
GetEnhMetaFilePaletteEntries
GetPaletteEntries
EnumFontsA

msvcrt

fprintf

ntdsapi

DsBindWithCredA

Sections

.text
Size: 220KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e7d128d4b5992167d25f1aac82b8e5b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msacm32

crypt32

winspool.drv

wininet

shlwapi

secur32

opengl32

setupapi

winmm

advapi32

esent

user32

ws2_32

msvfw32

ole32

rasapi32

imm32

wintrust

rpcrt4

oleaut32

kernel32

gdi32

msvcrt

ntdsapi

Sections

.text Size: 220KB - Virtual size: 218KB

.data Size: 52KB - Virtual size: 57KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 20KB - Virtual size: 17KB

.text
Size: 220KB - Virtual size: 218KB

.data
Size: 52KB - Virtual size: 57KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 20KB - Virtual size: 17KB