Static task
static1
Behavioral task
behavioral1
Sample
ea27157c6ff85661cda1e0fd1d17236b_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
ea27157c6ff85661cda1e0fd1d17236b_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
ea27157c6ff85661cda1e0fd1d17236b_JaffaCakes118
Size
80KB
MD5
ea27157c6ff85661cda1e0fd1d17236b
SHA1
876f3a32ebe03cec1e18d2c598ef6d1d9e577a86
SHA256
700bd7d5f5e4563af0b64843dc749914b964129ba1922d7b18d4817bc9792797
SHA512
8a05bd7e11efdf62cc66476fa40d3f76b9c9d70c332fb0f6b60aca8195e710646206a1c4766edc67a52cadbb7c5772dc599ecff4fe1d686cb0c67197423629de
SSDEEP
1536:D549ttztxcstA/YOt5VVMDwSn7u9lhYOkk4PvJKIt06ZgXk:D5ithXtA/YObMsC7u9YO6vJZt06ZgX
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ea27157c6ff85661cda1e0fd1d17236b_JaffaCakes118
Files
ea27157c6ff85661cda1e0fd1d17236b_JaffaCakes118.exe windows:4 windows x86 arch:x86
4d38ba853fba2c723102fc973ffb9942
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ReleaseSemaphore
OpenSemaphoreA
SetFilePointer
SetStdHandle
OpenFileMappingA
CreateFileA
GetLocaleInfoW
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LoadLibraryA
UnmapViewOfFile
WriteFile
CreateEventA
Sleep
MapViewOfFile
LocalFree
CloseHandle
FormatMessageA
GetProcessHeap
GetVersionExA
lstrcmpA
GetLastError
HeapAlloc
HeapFree
MultiByteToWideChar
GetModuleHandleA
GetModuleFileNameA
SetEvent
WideCharToMultiByte
GetCurrentProcessId
FlushFileBuffers
lstrlenA
SetHandleCount
VirtualAlloc
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
TlsAlloc
GetVersion
lstrcpyA
GetOEMCP
GetEnvironmentStringsW
GetEnvironmentStrings
GetCPInfo
FreeEnvironmentStringsA
HeapSize
FreeEnvironmentStringsW
UnhandledExceptionFilter
GetCurrentProcess
HeapReAlloc
GetProcAddress
SetUnhandledExceptionFilter
RtlUnwind
InterlockedDecrement
InterlockedIncrement
RaiseException
CreateThread
GetCurrentThreadId
TlsSetValue
ExitThread
GetStartupInfoA
GetCommandLineA
GetACP
LCMapStringW
TerminateProcess
SetLastError
TlsGetValue
LCMapStringA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
user32
MsgWaitForMultipleObjects
PostMessageA
TranslateMessage
GetMessageA
DispatchMessageA
LoadCursorA
LoadIconA
RegisterClassA
PeekMessageA
CreateDialogParamA
ShowWindow
wsprintfA
PostQuitMessage
DefWindowProcA
advapi32
ReportEventA
RegisterEventSourceA
DeregisterEventSource
RegDeleteKeyA
RegOpenKeyExA
RegEnumKeyExA
GetSecurityDescriptorLength
RegSetValueExA
RegQueryValueExA
InitializeSid
GetSidSubAuthority
GetSidLengthRequired
InitializeSecurityDescriptor
InitializeAcl
GetLengthSid
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
AddAccessAllowedAce
MakeSelfRelativeSD
RegCreateKeyExA
SetSecurityDescriptorOwner
RegSetValueA
RegCloseKey
ole32
CoInitializeEx
CoInitializeSecurity
OleInitialize
CoRevokeClassObject
CoRegisterClassObject
OleUninitialize
CoLockObjectExternal
StringFromGUID2
oleaut32
DispGetIDsOfNames
SetErrorInfo
SafeArrayAccessData
SafeArrayCreate
SafeArrayLock
SysAllocStringLen
SafeArrayUnaccessData
SafeArrayUnlock
LoadRegTypeLi
VariantChangeType
VariantInit
RegisterTypeLi
VariantClear
LoadTypeLi
Sections
.text Size: 49KB - Virtual size: 49KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 15KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ