ea4ff77cee0680414010d0e303cfab95_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ea4ff77cee0680414010d0e303cfab95_JaffaCakes118
Size

176KB
MD5

ea4ff77cee0680414010d0e303cfab95
SHA1

c3abfd6adfb2c0daebdf9885e24b721a15fc46d3
SHA256

b055b973b23f02e9df6957f8875b697895ac8cf1102eb60040333498ee70aa7e
SHA512

0c1925d7cd13c65519ae802dac575ca21e7dc085351cebc16d178e97ab1110c48e58128a648c2120303aae76c646d79d6b4b5be909e38afb10ef12f7909fbd4c
SSDEEP

3072:Dx2LtSedq80UZ4tFmOjeIc676CahKWb2HEQn/KOPVbtCb78:Mld/iFjIhNwEQn/KuVk4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea4ff77cee0680414010d0e303cfab95_JaffaCakes118

Files

ea4ff77cee0680414010d0e303cfab95_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0c4b7f056246e654ec5b2af15bfe5573

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

PtVisible
ExtTextOutW
OffsetViewportOrgEx
SetMapMode
DeleteDC
GetClipBox
SetTextColor
DeleteObject
SetViewportOrgEx
RectVisible
SetBkColor
SaveDC
ScaleWindowExtEx
SetWindowExtEx
RestoreDC
GetDeviceCaps
CreateBitmap
TextOutW
SetViewportExtEx
ScaleViewportExtEx
SelectObject
Escape
GetStockObject

user32

GetWindowTextW
GetParent
EnableWindow
GetLastActivePopup
IsWindowEnabled
GetMenuCheckMarkDimensions
GetSysColor
GetDC
GetSystemMetrics
LoadBitmapW
LoadCursorW
MessageBoxW
CheckMenuItem
EnableMenuItem
ReleaseDC
GetWindowLongW
ModifyMenuW
GetSysColorBrush

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

kernel32

UnhandledExceptionFilter
GetStartupInfoA
GetModuleFileNameA
HeapAlloc
SetUnhandledExceptionFilter
GetShortPathNameW
SetFilePointer
IsBadReadPtr
TerminateProcess
SetHandleCount
HeapSize
GetSystemInfo
GetStringTypeA
VirtualAlloc
GetProcessAffinityMask
GetCommandLineA
IsBadCodePtr
GetEnvironmentStringsW
GetStringTypeW
GetTickCount
GetOEMCP
HeapFree
GetFileType
EnumResourceTypesW
IsBadWritePtr
GetCurrentProcess
GetCurrentProcessId
QueryPerformanceCounter
HeapReAlloc
RtlUnwind
GetStdHandle
FreeEnvironmentStringsW
SetStdHandle
VirtualFree
GetSystemTimeAsFileTime
HeapDestroy
GetFileAttributesA
FlushFileBuffers
WriteFile
LCMapStringW
LCMapStringA
GetEnvironmentStrings
GetCPInfo
HeapCreate
VirtualQuery
VirtualProtect
ExitProcess

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

ole32

CoUninitialize
CoCreateInstance
CoInitialize

shlwapi

PathAppendW
PathFindFileNameW
PathFileExistsW
PathFindExtensionW

shell32

SHGetSpecialFolderPathW

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c4b7f056246e654ec5b2af15bfe5573

Headers

File Characteristics

Imports

gdi32

user32

advapi32

kernel32

winspool.drv

ole32

shlwapi

shell32

Sections

.text Size: 102KB - Virtual size: 101KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 69KB - Virtual size: 69KB

.tls Size: 1024B - Virtual size: 248KB

.text
Size: 102KB - Virtual size: 101KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 69KB - Virtual size: 69KB

.tls
Size: 1024B - Virtual size: 248KB