ea5c9f4c24e274bcb4a9a40a2f64984f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ea5c9f4c24e274bcb4a9a40a2f64984f_JaffaCakes118
Size

207KB
MD5

ea5c9f4c24e274bcb4a9a40a2f64984f
SHA1

11f9f2bfc4d83fb52629ce1119fdda8422d8e4f0
SHA256

63b665ce499a2ddbde15b3b27e7fc506424498e9b89c2c4740e03961ae8e3c73
SHA512

904b88483690c0e5876c5ad845354f598e6351de7b2f3f30052722aaf593fa3cb778a1fcf87349b7098cd4318e62e0363a431d5eea2e8f9fb49cf016072748e0
SSDEEP

3072:4faBn3kBo1DRC+i8sgHXdzZ9BoMZKhFM8VvFSMzuZN6pZWh6SUDB1WK1Q0CWdaX7:aalkBorLzZ94FSdZEZGQG3SaXz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea5c9f4c24e274bcb4a9a40a2f64984f_JaffaCakes118

Files

ea5c9f4c24e274bcb4a9a40a2f64984f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8fe7d37cc9dc3c2494e33367e3e6323a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
IsBadCodePtr
SetErrorMode
GlobalGetAtomNameA
RemoveDirectoryA
GetCurrentThreadId
GetUserDefaultLangID
GetLogicalDrives
GetVersionExW
ExitThread
GetCalendarInfoW
GetModuleHandleW
OpenFile
GetEnvironmentVariableA
IsBadStringPtrW
FlushFileBuffers
OpenEventW
GetSystemDirectoryA
SetCurrentDirectoryW
EnumDateFormatsA
lstrcmpA
GetModuleHandleA
GetLongPathNameW
CreateThread
AddAtomA
SuspendThread
GetModuleFileNameW
FatalAppExitW
GetProcAddress
GetCurrentProcessId
ExpandEnvironmentStringsW
CreateFileMappingW
CompareStringW
SetCalendarInfoW
GetFileType
MultiByteToWideChar
GetCurrentThread
OpenEventA
CompareFileTime

user32

AnimateWindow
CopyImage
GetClassInfoW
GetKeyboardLayout
LoadIconW
LoadMenuA
LoadMenuIndirectW
DefFrameProcW
RegisterClassW
GetMessageW
UnregisterClassW
UpdateLayeredWindow
UnregisterClassA
SetWindowLongW
IsDlgButtonChecked
GetSysColor
wsprintfW
DestroyIcon
GetActiveWindow
GetDlgItemTextW
GetWindowTextA
AppendMenuA
DialogBoxIndirectParamA
IsChild
WinHelpA
GetIconInfo

gdi32

GetLogColorSpaceW
ExtEscape
AngleArc
EqualRgn
EnumFontFamiliesA
GetCharWidthW
GetDIBColorTable
CreateHatchBrush
PlayEnhMetaFile
DPtoLP
CreateDCA
StretchDIBits
StartPage
GetMetaFileBitsEx
CloseMetaFile
GetMiterLimit
GetRegionData

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegOpenKeyW
RegOpenKeyExA
RegEnumValueW
RegRestoreKeyA

setupapi

CM_Free_Res_Des_Handle
SetupDiGetDeviceInterfaceDetailW
SetupDiGetClassImageList
SetupTerminateFileLog

version

VerFindFileW
VerFindFileA

inetcomm

HrGetDisplayNameWithSizeForFile
MimeOleFileTimeToInetDate
MimeOleCreateHeaderTable
MimeEditDocumentFromStream
MimeEditViewSource
MimeOleStripHeaders
MimeOleSMimeCapInit
EssMLHistoryEncodeEx
EssSecurityLabelEncodeEx
CreateNNTPTransport
MimeOleParseRfc822AddressW
EssContentHintEncodeEx
HrGetAttachIcon
MimeOleSMimeCapsToDlg
HrGetLastOpenFileDirectory
CreateIMAPTransport
MimeOleGetInternat
MimeOleSMimeCapGetEncAlg

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.s
Size: 2KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Aopa
Size: 1024B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fGFsx
Size: 3KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.P
Size: 1KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.TzO
Size: 2KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.QzOC
Size: 512B - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ILag
Size: 1024B - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ZKcOh
Size: 512B - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JuiiU
Size: 1KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RSUB
Size: 1KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 170KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8fe7d37cc9dc3c2494e33367e3e6323a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

setupapi

version

inetcomm

Sections

.text Size: 12KB - Virtual size: 11KB

.s Size: 2KB - Virtual size: 27KB

.Aopa Size: 1024B - Virtual size: 9KB

.fGFsx Size: 3KB - Virtual size: 21KB

.P Size: 1KB - Virtual size: 18KB

.TzO Size: 2KB - Virtual size: 15KB

.QzOC Size: 512B - Virtual size: 15KB

.ILag Size: 1024B - Virtual size: 30KB

.ZKcOh Size: 512B - Virtual size: 35KB

.data Size: 7KB - Virtual size: 7KB

.JuiiU Size: 1KB - Virtual size: 36KB

.RSUB Size: 1KB - Virtual size: 163KB

.rsrc Size: 170KB - Virtual size: 169KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 11KB

.s
Size: 2KB - Virtual size: 27KB

.Aopa
Size: 1024B - Virtual size: 9KB

.fGFsx
Size: 3KB - Virtual size: 21KB

.P
Size: 1KB - Virtual size: 18KB

.TzO
Size: 2KB - Virtual size: 15KB

.QzOC
Size: 512B - Virtual size: 15KB

.ILag
Size: 1024B - Virtual size: 30KB

.ZKcOh
Size: 512B - Virtual size: 35KB

.data
Size: 7KB - Virtual size: 7KB

.JuiiU
Size: 1KB - Virtual size: 36KB

.RSUB
Size: 1KB - Virtual size: 163KB

.rsrc
Size: 170KB - Virtual size: 169KB

.reloc
Size: 1KB - Virtual size: 1KB