eb9f17db2f830fd6cdd100c330a4eaff_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eb9f17db2f830fd6cdd100c330a4eaff_JaffaCakes118
Size

64KB
MD5

eb9f17db2f830fd6cdd100c330a4eaff
SHA1

301ca223912373b94a04c09d31114f7c9e65fd8b
SHA256

a63d7699b840393db09763c9ae90384bca294f844743b28ab112a8fa006a3fce
SHA512

12274d471e3ed6fac8a63a150800e15e2acb1d07a2e65d474528f71db7ca3d5f22464d8eba3fb3e58733f2bfe51849a66d67a08e9ee5a790e8f2b812609f1fcf
SSDEEP

1536:XqT5dckO9AUYHYhsK/+SHdiZYrqEtIX0qq:XAdcfhhZ/b9NHtog

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb9f17db2f830fd6cdd100c330a4eaff_JaffaCakes118

Files

eb9f17db2f830fd6cdd100c330a4eaff_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bce163997b85a75a438810a2d0e018ee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
CreateEventA
FileTimeToLocalFileTime
CloseHandle
GetFileSize
SetFilePointer
CreateFileA
RemoveDirectoryA
FindFirstFileA
FindNextFileA
TlsGetValue
TlsAlloc
GetProfileStringW
FindResourceA
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
GetTimeZoneInformation
GetDateFormatA
GetModuleHandleA
MoveFileExA
GetLocalTime
QueryPerformanceCounter
GetSystemTime
VirtualProtect
GetVolumeInformationA
HeapFree
HeapAlloc
GetLastError
FindClose
FileTimeToSystemTime
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
WriteFile
SetEnvironmentVariableA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

comdlg32

CommDlgExtendedError
ChooseFontA
ChooseColorA
GetSaveFileNameA
GetOpenFileNameA

ole32

CoRevokeClassObject
OleSetContainedObject

comctl32

ImageList_EndDrag
ImageList_GetBkColor
ImageList_GetImageCount
ImageList_Read
ImageList_GetImageInfo
ImageList_GetDragImage
ImageList_Create

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bce163997b85a75a438810a2d0e018ee

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

winspool.drv

comdlg32

ole32

comctl32

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 12KB - Virtual size: 380KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 12KB - Virtual size: 380KB

.rsrc
Size: 4KB - Virtual size: 1KB