Static task
static1
Behavioral task
behavioral1
Sample
eb0abfaab2f4ba6b43d2482a36b0487b_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
eb0abfaab2f4ba6b43d2482a36b0487b_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
eb0abfaab2f4ba6b43d2482a36b0487b_JaffaCakes118
Size
141KB
MD5
eb0abfaab2f4ba6b43d2482a36b0487b
SHA1
b4e9f568cdc857f8f645d5298a42c2cb1f34951f
SHA256
1255aec2974aa72e06082f36b0a996451df767e47524abb1eae59ec42bd56475
SHA512
2acc649fbfaa57b6bc5fa5a885b920770de01c6004264464d06b3426bebd74d28f5d2069e5343e0cb6af54e53ddc765131d4fcf69a569d948a7cc45607215765
SSDEEP
3072:GnW76TO9ZYDpiiZkSyjbTUctRCl+Ll0CNupND/paN6TBUu12:GnWH9KpipSyjClgXcIw4
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource eb0abfaab2f4ba6b43d2482a36b0487b_JaffaCakes118
Files
eb0abfaab2f4ba6b43d2482a36b0487b_JaffaCakes118.exe windows:5 windows x86 arch:x86
e924a8971c0b86ed743791285956822f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetOEMCP
GetModuleHandleA
VirtualProtect
IsBadCodePtr
GetVersion
IsValidCodePage
GetDriveTypeA
GlobalUnlock
GetStartupInfoA
SetThreadLocale
GetModuleHandleW
msvcrt
_adjust_fdiv
_initterm
_lock
__setusermatherr
__lc_codepage
log
__set_app_type
__getmainargs
_except_handler3
exit
_acmdln
__initenv
_strcmpi
__p__fmode
strcat
_XcptFilter
wcstombs
__p__commode
ceil
user32
InvalidateRect
CharLowerA
GetDC
RegisterWindowMessageA
SetActiveWindow
GetSubMenu
WinHelpA
InsertMenuA
OemToCharA
GetCursorPos
GetMessagePos
CharNextA
comctl32
CreateToolbarEx
ImageList_DragEnter
ImageList_Add
ImageList_ReplaceIcon
ImageList_LoadImageA
ImageList_Destroy
ImageList_AddMasked
ImageList_DrawEx
CreatePropertySheetPageW
ImageList_SetImageCount
ImageList_Replace
ImageList_LoadImageW
ImageList_GetIconSize
ImageList_EndDrag
advapi32
QueryServiceStatus
CryptGenRandom
RegSetValueExW
CloseServiceHandle
RegFlushKey
RegCloseKey
InitiateSystemShutdownA
CopySid
OpenThreadToken
ole32
CoGetClassObject
CoGetInterfaceAndReleaseStream
CoInitialize
IIDFromString
CoGetMalloc
IsEqualGUID
CoFreeUnusedLibraries
OleSetClipboard
CoTaskMemFree
CreateStreamOnHGlobal
version
VerQueryValueA
VerLanguageNameA
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerInstallFileA
VerFindFileW
shell32
SHGetDesktopFolder
DragAcceptFiles
SHFileOperationW
ExtractIconExA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHCreateDirectoryExA
oleaut32
SysReAllocStringLen
VariantInit
SafeArrayUnaccessData
CreateErrorInfo
SysStringByteLen
GetActiveObject
gdi32
PtInRegion
GetTextExtentPoint32A
CreateDIBitmap
GetWinMetaFileBits
LPtoDP
ExtFloodFill
SetTextJustification
Sections
.text Size: 63KB - Virtual size: 63KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 49KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE