eb175de3eb4279745016a556fc0af801_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

eb175de3eb4279745016a556fc0af801_JaffaCakes118
Size

116KB
MD5

eb175de3eb4279745016a556fc0af801
SHA1

27fbe9f0b160932bd17863d04ffee475b285130a
SHA256

4f6b4154fb847dc530fe55e8ba5c14f588b19e56cb462b2eb085691327bd4e29
SHA512

7d2d0c44ac0305192dad787f3ed55071af0aae05833c2f5155c8b92b72ef8a0534e6803f536631a6d586329d62e02cc5063c212cc9c494d7014055a64de562ba
SSDEEP

1536:OCdNBqy+7pa4h07OpIml077chRLTzy7LWV+VcAuYonkLjRHEwwiz1lL34Gs:HB4q7OKmG8hRXzkWV+VJ9EUzrTA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb175de3eb4279745016a556fc0af801_JaffaCakes118

Files

eb175de3eb4279745016a556fc0af801_JaffaCakes118
.exe windows:5 windows x86 arch:x86

07070f5c9fd6e2b71a33ad6cfc237968

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

UrlCanonicalizeA
UrlCompareA
PathCompactPathA
PathCompactPathExA
PathIsContentTypeW
PathAppendW
PathAppendA
PathCompactPathW
PathIsContentTypeA
PathAddBackslashW
PathFindOnPathA
PathCompactPathExW

kernel32

lstrcpyA
DeleteFileA
SetFileAttributesW
GetSystemTime
OpenFileMappingA
GetTempPathA
DeleteFileW
GetVersion
GetWindowsDirectoryW
CloseHandle
ExitProcess
GetCommandLineW
CreateFileA
CreateMutexW
SetFilePointer
FindResourceW
HeapAlloc
GlobalSize
HeapFree
GlobalLock
WaitForSingleObject
SetEvent
GetModuleHandleW
CreateNamedPipeW
GetProcessHeap
GetPrivateProfileStringW
FormatMessageA
WriteFile
GetCommandLineA
GlobalAlloc
GetPrivateProfileIntA
WideCharToMultiByte
Sleep
CopyFileW
CreateEventA
GetVersionExW
GetFileAttributesA
CreateProcessA
GetModuleFileNameW
CreateFileW
lstrcatA
lstrlenW
GetFileSizeEx
FindFirstFileA
GetLastError
GetProcAddress
VirtualAlloc
MoveFileW
WriteProfileSectionA
ReadFileEx
CopyFileA
SetFileAttributesA
GlobalFree
FindClose
LoadLibraryA
OpenMutexA
MoveFileA
OpenEventA
WriteProfileSectionW
GetPrivateProfileStructA
GetSystemInfo
GetModuleFileNameA
FindNextFileA
WriteProfileStringA
GetModuleHandleA
OpenFileMappingW
CreateMutexA
FindNextFileW
WriteProfileStringW
GetFileTime

user32

GetDlgItemTextA
FindWindowA
AdjustWindowRect
CallWindowProcA
EnableWindow
GetDlgItemTextW
MessageBoxW
CreateWindowExW
LoadBitmapW
ShowWindow
EnumChildWindows
CallWindowProcW
DefWindowProcA
CreateWindowExA
GetWindowTextW
SetCursorPos
MessageBoxA
MapVirtualKeyA
GetWindowTextA
EnumWindows
BeginPaint
CloseDesktop
GetClientRect
WindowFromPoint
GetParent
LoadBitmapA
GetWindowDC
RegisterClassExA
GetWindowRect
SetTimer
SetWindowRgn
GetClassNameA
EndPaint
MoveWindow
GetDesktopWindow

advapi32

RegCloseKey

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

07070f5c9fd6e2b71a33ad6cfc237968

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

advapi32

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 107KB - Virtual size: 106KB

.data Size: 512B - Virtual size: 148B

.reloc Size: 1024B - Virtual size: 712B

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 107KB - Virtual size: 106KB

.data
Size: 512B - Virtual size: 148B

.reloc
Size: 1024B - Virtual size: 712B