ea63884f524dcde3e47de5f01d7ff06f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ea63884f524dcde3e47de5f01d7ff06f_JaffaCakes118
Size

159KB
MD5

ea63884f524dcde3e47de5f01d7ff06f
SHA1

d30a83ef3e07c509916cb2bc325f482be46f927e
SHA256

187ccfcad0c7fb5ff828786dd4fedfdaeb90606bc9b2bb8f74c29110415fd11c
SHA512

721ca18ec0d7c90633ddd1b2964ea54ed4f8818f23db23d5a2a869de764a4e48a1768dfe863085d90f42aa9ab0ed31ca83fbe4ea4128b65bafd4a84bedf69d69
SSDEEP

3072:D91LxQkm4PWGlLW5Trd+4AkCFTJJukX4+IdsWtC389l98dka026SP:p1FQkm4OiLWhrdZ+OkXGeD8D9h2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea63884f524dcde3e47de5f01d7ff06f_JaffaCakes118

Files

ea63884f524dcde3e47de5f01d7ff06f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

514e26a17da4f259076b0b8516da2476

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

LoadCursorW
GetClientRect
GetParent
DispatchMessageW
GetDlgItemTextW
GetWindow
MapWindowPoints
GetClassInfoExW
SystemParametersInfoW
MessageBoxW
GetDC
GetWindowInfo
CreateWindowExW
SetCapture
SetDlgItemTextW
GetAncestor
EndPaint
SetWindowTextW
TranslateMessage
GetWindowTextLengthW
SetWindowPos
BeginPaint
PeekMessageW
GetWindowRect
RegisterClassExW
DestroyWindow
EndDialog

kernel32

GetConsoleMode
CreateFileMappingW
IsProcessorFeaturePresent
GetOEMCP
TlsSetValue
WriteConsoleA
IsDebuggerPresent
GetStartupInfoA
FlushInstructionCache
lstrcpynW
LCMapStringW
GetDriveTypeW
LoadResource
CheckRemoteDebuggerPresent
GetStringTypeW
MulDiv
GetACP
Sleep
GetStringTypeA
HeapSize
WideCharToMultiByte
lstrcmpA
InterlockedExchange
GetThreadLocale
VirtualAlloc
TlsAlloc
CreateSemaphoreW
WriteConsoleW
FlushFileBuffers
WritePrivateProfileSectionW
TlsGetValue
VirtualFree
GetCurrentProcessId
LocalAlloc
HeapCreate
InterlockedCompareExchange
LockResource
GetLocaleInfoA
LeaveCriticalSection
SetFilePointer
EnumResourceTypesW
GetVersion
GetCurrentThreadId
GetConsoleCP
RaiseException
InitializeCriticalSection
GetSystemTimeAsFileTime
QueryPerformanceCounter
TlsFree
GetConsoleOutputCP
GetTickCount
SetUnhandledExceptionFilter
SetStdHandle
LocalFree
SetLastError
WaitForSingleObject
HeapDestroy
CopyFileW
LoadLibraryA
CreateFileA
lstrlenA
SizeofResource
GetCurrentProcess
FindResourceW
LCMapStringA
GetCPInfo
GetFileType

winspool.drv

DocumentPropertiesW

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

514e26a17da4f259076b0b8516da2476

Headers

File Characteristics

Imports

user32

kernel32

winspool.drv

Sections

.text Size: 106KB - Virtual size: 105KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 49KB - Virtual size: 48KB

.isete Size: 1024B - Virtual size: 96KB

.text
Size: 106KB - Virtual size: 105KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 49KB - Virtual size: 48KB

.isete
Size: 1024B - Virtual size: 96KB