eab9495c356f320ddd0b022c4cf692a5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

eab9495c356f320ddd0b022c4cf692a5_JaffaCakes118
Size

959KB
MD5

eab9495c356f320ddd0b022c4cf692a5
SHA1

0db2193802f69c60452316fa084193ec6b17f0c8
SHA256

6d4b6f1aee4e60080879e2c8234c5c8f7f27882c362b9e9ebac410ccfb7e4492
SHA512

a83f67c0914fab37f6e714b1530bb98a7ab167d57ac663e91a96cbfaf2d483adb27c9f86ab326d15a37d64708de4bde8867e62c2bf29b37fafdde34bc3aacfba
SSDEEP

24576:caF2/4icOkqYsCMKBuBPp+ueLpO68pUxje4/Gp:hFy4ugCURfup

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eab9495c356f320ddd0b022c4cf692a5_JaffaCakes118

Files

eab9495c356f320ddd0b022c4cf692a5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e43e2698e30d6ce92a5611070da083ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imagehlp

ImageDirectoryEntryToData
ImageGetDigestStream
ImageNtHeader
ImageRvaToVa

user32

CharNextW
CharNextA
wsprintfW

ole32

StringFromIID
CoUninitialize
CoCreateInstance
CoInitialize
StringFromCLSID
CoTaskMemFree
CLSIDFromString

shell32

CommandLineToArgvW

advapi32

CryptDestroyHash
CryptReleaseContext
CryptHashData
CryptAcquireContextA
CryptCreateHash
CryptGetHashParam

msvfw32

ICDecompress
ICRemove

msvcrt

_itoa
atoi
_itow
_snwprintf
wcscpy
malloc
vfprintf
fprintf
strtoul
bsearch
wcsncpy
wcsncmp
_snprintf
qsort
iswspace
strchr
_vsnprintf
memset
fputs
_purecall
??3@YAXPAX@Z
_wcsicmp
wcslen
_iob
?terminate@@YAXXZ
_controlfp
??1type_info@@UAE@XZ
_onexit
__dllonexit
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
__winitenv
exit
_cexit
_XcptFilter
_exit
_c_exit
strncmp
_wcslwr
_wcsnicmp
wcsrchr
realloc
__CxxFrameHandler
_vsnwprintf
wcsstr
_except_handler3
_CxxThrowException
free
vwprintf
??2@YAPAXI@Z
printf
wcstoul
wcsspn
wcschr
_ui64tow
wcscmp
memmove

kernel32

lstrcpyA
lstrlenW
lstrcmpiA
InterlockedIncrement
InterlockedDecrement
IsDebuggerPresent
ExitProcess
GetEnvironmentVariableA
GetSystemDirectoryA
WideCharToMultiByte
InterlockedCompareExchange
SetFilePointer
GetVersion
GlobalAlloc
FreeResource
GetTempFileNameW
GetTempPathW
MoveFileW
GlobalLock
GlobalUnlock
Sleep
FindFirstFileA
FindFirstFileW
FindNextFileA
SetLastError
HeapFree
GetProcessHeap
FormatMessageW
GetModuleHandleW
RaiseException
GlobalFree
LocalFree
HeapAlloc
MultiByteToWideChar
GetCurrentDirectoryW
GetCommandLineW
LockResource
SizeofResource
LoadResource
FindResourceExW
GetLastError
GetProcAddress
LoadLibraryA
EnumResourceTypesW
EnumResourceNamesW
EnumResourceLanguagesW
CloseHandle
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExW
FindNextFileW
GetFileInformationByHandle
GetFullPathNameA
RemoveDirectoryA
RemoveDirectoryW
GetFileAttributesA
lstrlenA
GetFileAttributesW
DebugBreak
OutputDebugStringA
LoadLibraryExA
FreeLibrary
LoadLibraryExW
BeginUpdateResourceW
UpdateResourceW
EndUpdateResourceW
GetFullPathNameW
ReadFile
FindClose
GetOEMCP
CopyFileA
CopyFileW
SetFileAttributesA
SetFileAttributesW
DeleteFileA
DeleteFileW
CreateDirectoryA
CreateDirectoryW
AreFileApisANSI

Sections

.text
Size: 592KB - Virtual size: 591KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 340KB - Virtual size: 339KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e43e2698e30d6ce92a5611070da083ca

Headers

File Characteristics

Imports

imagehlp

user32

ole32

shell32

advapi32

msvfw32

msvcrt

kernel32

Sections

.text Size: 592KB - Virtual size: 591KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 340KB - Virtual size: 339KB

.rsrc Size: 21KB - Virtual size: 3.3MB

.text
Size: 592KB - Virtual size: 591KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 340KB - Virtual size: 339KB

.rsrc
Size: 21KB - Virtual size: 3.3MB