eaea171047f41136efc0a8f93fcd04c4_JaffaCakes118

General

Target

eaea171047f41136efc0a8f93fcd04c4_JaffaCakes118
Size

175KB
MD5

eaea171047f41136efc0a8f93fcd04c4
SHA1

04f2547d1de6a37080f75eac0fa9c48dad418af3
SHA256

a746fc2be0cc0604a0965eeef801dc0d92e7fa54521332ec4d79a6ad442aa971
SHA512

dba7ad4df8cc786b4362fac92dcfc68d4834bbdabc05021a1fa96250e375f8f77211e3c47e2fc28e2795d38aa01e8121625b6e705da0e5542b7ac4a19327ab5e
SSDEEP

3072:sUMUp32uhRfx9X9QcsoaLtS4XTQ/vZn/nQ9wx0RR7zlW757Ip:rnDecstS4XqvZn/Q2x0RRXl67

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eaea171047f41136efc0a8f93fcd04c4_JaffaCakes118

Files

eaea171047f41136efc0a8f93fcd04c4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

664bba85582f303bf94343ef5e35a97c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetTickCount
lstrcpyA
FillConsoleOutputAttribute
LockResource
OutputDebugStringW
GetProcessWorkingSetSize
WideCharToMultiByte
FindClose
lstrcmpiW
CreateFileMappingW
GetLastError
lstrcpyW
InitializeCriticalSection
EnumResourceNamesW
FreeEnvironmentStringsW
MultiByteToWideChar
GetACP
lstrlenW
GlobalAlloc
GetCPInfo
GlobalFree
GetModuleHandleW

oleacc

LresultFromObject
CreateStdAccessibleObject

advapi32

RegCreateKeyExW
RegCloseKey
RegEnumKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegDeleteValueW
RegQueryInfoKeyW
RegSetValueExW

gdi32

DeleteObject
GetOutlineTextMetricsW
CreateFontIndirectW
GetTextMetricsW
SelectObject
AddFontResourceExW

user32

KillTimer
GetMessageW
CharUpperW
GetWindowLongA
PostThreadMessageW
GetDC
SetTimer
wsprintfW
DispatchMessageW
TranslateMessage
CharNextW
UnregisterClassA

ole32

StringFromGUID2
CoRevokeClassObject
CoRegisterClassObject
CoUninitialize
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoInitialize
StringFromCLSID

psapi

GetProcessMemoryInfo

shell32

SHGetFileInfoW

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

664bba85582f303bf94343ef5e35a97c

Headers

File Characteristics

Imports

kernel32

oleacc

advapi32

gdi32

user32

ole32

psapi

shell32

Sections

.text Size: 108KB - Virtual size: 108KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 63KB - Virtual size: 62KB

.isete Size: 1024B - Virtual size: 116KB

.text
Size: 108KB - Virtual size: 108KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 63KB - Virtual size: 62KB

.isete
Size: 1024B - Virtual size: 116KB