eb49a53fd091abe7d929327db6a72eea_JaffaCakes118

General

Target

eb49a53fd091abe7d929327db6a72eea_JaffaCakes118
Size

170KB
MD5

eb49a53fd091abe7d929327db6a72eea
SHA1

5cadb3a1bdbf3cddd3a99ca3444776a6b401484b
SHA256

ea9cbdeb5e8cd89d8e41a763f61cfcb1c4afc3dc4a3966c8c3d58fdf7d63eac9
SHA512

688afdc6a4236924c8c17b54f7abd90435f5c1b88cde195674876e384f0673a7629ce9d795a4ac009b64502151c9df9a6bdb9d68d820da94efaa0525d84b319c
SSDEEP

3072:BayIUs4r67OxLecN6PGxBxPn/ZYUGHYgSZppE8iPbe:BayC4r6kpEgFYlYgS1R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb49a53fd091abe7d929327db6a72eea_JaffaCakes118

Files

eb49a53fd091abe7d929327db6a72eea_JaffaCakes118
.exe windows:1 windows x86 arch:x86

6ac51543fb8bc0dfcf335bb4eb18d8ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
GetNumberFormatA
GetConsoleMode
RtlUnwind
GetConsoleOutputCP
GetProcessHeap
LocalFree
LCMapStringA
ResetEvent
GetOEMCP
GetLastError
GetProcessAffinityMask
HeapFree
GetModuleHandleA
ResumeThread
GetLocaleInfoA
GlobalUnlock
InterlockedExchange
LoadLibraryA
SizeofResource
FindClose
GetConsoleCP
VirtualQueryEx
GetExitCodeThread
lstrcmpA
WriteFile
lstrcmpiA
PulseEvent
MulDiv
WriteConsoleW
DeleteCriticalSection
SetEnvironmentVariableA
FlushFileBuffers
IsBadStringPtrA
GetStartupInfoA
GetStringTypeW
SetEndOfFile

user32

GetCapture
GetUpdateRgn
CheckMenuRadioItem
GetMenuItemID
SetForegroundWindow
ModifyMenuA
CheckRadioButton
DefMDIChildProcA
SetDlgItemTextA
CallWindowProcA
GetWindowTextA
SetUserObjectSecurity
GetKeyState
SetClassLongA
FrameRect
EndDeferWindowPos
DrawFrameControl
GetWindowDC
DefWindowProcA
EndDialog
InflateRect
IsDlgButtonChecked
DrawIconEx
DialogBoxIndirectParamA
CreateWindowExA
ScrollWindowEx
SetClipboardData
SetPropA
GetScrollInfo
ScreenToClient
GetWindowRect
DialogBoxParamA
MapWindowPoints
DeleteMenu
UnionRect
DefDlgProcA
GetClassNameA
ClientToScreen
ExitWindowsEx
DefFrameProcA
MessageBoxA
UpdateWindow
ChildWindowFromPoint
GetWindowLongA

msvcrt

_controlfp
exit
_initterm
memcpy
_exit
__p__commode
_XcptFilter
__getmainargs
_acmdln
_adjust_fdiv
__setusermatherr
__set_app_type
__p__fmode
_except_handler3

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ac51543fb8bc0dfcf335bb4eb18d8ed

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 145KB - Virtual size: 145KB

.rsrc Size: 512B - Virtual size: 164B

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 145KB - Virtual size: 145KB

.rsrc
Size: 512B - Virtual size: 164B