e791d83b894392bdf1a76a4ad3513f62_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e791d83b894392bdf1a76a4ad3513f62_JaffaCakes118
Size

118KB
MD5

e791d83b894392bdf1a76a4ad3513f62
SHA1

c866dd4b81896f4462c52d5a99010f3199368874
SHA256

f16bcb3cae7b0d1f1d25d521c2a109b3dd2288724dc7a54e80e77ba5b2d89287
SHA512

56d08f1093899ca9710a4c48e325e0d9863cf19048e6f643f8fb0cb08ba61ea674f92963c380067b6f98b34fd86152904fd2e04d07691ecfba164b7c03d45f0f
SSDEEP

768:RuMoXeyro4cq+9aQQcRZvKvGVV+ezG98UsGJtAL8yaZXQOnS01IW5XrpcpJWIziT:RuMIwG+tZvtVbGjPC8yaSOS1mVcIIO3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e791d83b894392bdf1a76a4ad3513f62_JaffaCakes118

Files

e791d83b894392bdf1a76a4ad3513f62_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7bbf2091d2a459c72c763143f3ecd35d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

rtjheWRJKeyWY@#yhJtrjER.pdb

Imports

advapi32

EqualDomainSid
LookupPrivilegeNameA
GetSecurityDescriptorLength
EnumServicesStatusW

comdlg32

GetSaveFileNameW

secur32

GetUserNameExA

winspool.drv

DeletePrinter

user32

GetUpdateRect
GetCursorInfo
DrawCaption
GetKeyboardLayoutNameA
GetSubMenu
DrawMenuBar
GetKeyNameTextW
GetProcessDefaultLayout
GetDialogBaseUnits
GetTitleBarInfo
InsertMenuW

kernel32

FlsFree
lstrlenA
SetProcessWorkingSetSizeEx
GetPriorityClass
PurgeComm
SetThreadUILanguage
DebugBreak
GetThreadLocale
FindFirstChangeNotificationA
GetCurrentActCtx
GetDefaultCommConfigA
VirtualQueryEx
GetStartupInfoW
FlsGetValue
DeviceIoControl
VirtualAllocEx
FindNextFileW
GetProcAddress
GetThreadId

shlwapi

UrlGetLocationW

msvcrt

malloc
fread
fputc

gdi32

StrokePath
FrameRgn
GetTextCharsetInfo
SetPixelV
GetCurrentPositionEx
DeleteDC

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7bbf2091d2a459c72c763143f3ecd35d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

comdlg32

secur32

winspool.drv

user32

kernel32

shlwapi

msvcrt

gdi32

Sections

.text Size: 112KB - Virtual size: 112KB

.data Size: 1024B - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 4B

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 112KB - Virtual size: 112KB

.data
Size: 1024B - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 4B

.rsrc
Size: 1KB - Virtual size: 1KB