e9eca27c5eda8a7fd04a8ae34542f31a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e9eca27c5eda8a7fd04a8ae34542f31a_JaffaCakes118
Size

501KB
MD5

e9eca27c5eda8a7fd04a8ae34542f31a
SHA1

efa5a52d2d1ec9193ccc2a32cf6ebd62ebed4e9d
SHA256

18f8b1f685c4bded1ead414ccb33860c31e516633df43cf8778b154f0bd0e39c
SHA512

549560fd2a7194d8aaaeed45f293a2cad86c2794482125f557d02cccfac24047029ee5a6209efe3ed264119d1c1ac04424b779175d4439e034eec84cbb502909
SSDEEP

6144:fJgn0Nlxb4hblED8EFHhcg+/h641bjkf7IGFVVlbMiBJLij9Y2QcTS5XyGB+n:fJgnalx4NlEHBcgChvHmMiPmtXO5X7W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9eca27c5eda8a7fd04a8ae34542f31a_JaffaCakes118

Files

e9eca27c5eda8a7fd04a8ae34542f31a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9474305f863eb90536847a150fb3c21e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\keirttacwj\tyjerk\moroe\l

Imports

comctl32

InitCommonControlsEx

wininet

CreateUrlCacheContainerA

user32

LoadBitmapW
ShowOwnedPopups
DragDetect
ScrollWindow
CloseDesktop
SetSystemCursor
GetCapture
RegisterClassExA
SetWindowLongA
FindWindowExA
RegisterClassA
ChildWindowFromPoint

kernel32

LCMapStringW
EnterCriticalSection
SetEnvironmentVariableA
CreateMutexA
InterlockedIncrement
TerminateProcess
GetCurrentProcess
CloseHandle
HeapCreate
OpenMutexA
GetSystemTimeAsFileTime
HeapFree
GetLastError
LoadLibraryA
GetCurrentThread
LCMapStringA
GetTimeZoneInformation
GetUserDefaultLCID
GetFileType
GetVersionExA
SetHandleCount
WriteFile
SetUnhandledExceptionFilter
ExitProcess
VirtualAlloc
GetModuleFileNameA
GetLocaleInfoW
RtlUnwind
InterlockedExchange
WriteConsoleOutputCharacterA
WriteConsoleA
CreateFileA
GetCommandLineA
WideCharToMultiByte
SetFilePointer
GetEnvironmentStringsW
InitializeCriticalSection
GetStringTypeA
HeapSize
GetDateFormatA
HeapAlloc
GetProcessHeap
WriteConsoleW
GetTimeFormatA
GetStdHandle
FreeEnvironmentStringsW
IsValidLocale
IsValidCodePage
Sleep
DeleteCriticalSection
HeapDestroy
GetConsoleOutputCP
GetStringTypeW
TlsSetValue
GetCPInfo
TlsAlloc
GetConsoleMode
SetStdHandle
ReadFile
UnhandledExceptionFilter
FreeEnvironmentStringsA
IsDebuggerPresent
FlushFileBuffers
CompareStringW
SetLastError
QueryPerformanceCounter
GetCurrentThreadId
GetTickCount
GetModuleHandleA
GetProcAddress
TlsFree
SetConsoleCtrlHandler
EnumSystemLocalesA
FreeLibrary
HeapReAlloc
InterlockedDecrement
GetACP
GetCurrentProcessId
CreateThread
GetLocaleInfoA
CompareStringA
MultiByteToWideChar
GetStartupInfoA
TlsGetValue
LeaveCriticalSection
GetOEMCP
VirtualQuery
GetConsoleCP
GetEnvironmentStrings
VirtualFree

Sections

.text
Size: 344KB - Virtual size: 343KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9474305f863eb90536847a150fb3c21e

Headers

File Characteristics

PDB Paths

Imports

comctl32

wininet

user32

kernel32

Sections

.text Size: 344KB - Virtual size: 343KB

.rdata Size: 33KB - Virtual size: 57KB

.data Size: 106KB - Virtual size: 105KB

.rsrc Size: 17KB - Virtual size: 17KB

.text
Size: 344KB - Virtual size: 343KB

.rdata
Size: 33KB - Virtual size: 57KB

.data
Size: 106KB - Virtual size: 105KB

.rsrc
Size: 17KB - Virtual size: 17KB