ebf46ad3d230f658e43206764af885b6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ebf46ad3d230f658e43206764af885b6_JaffaCakes118
Size

383KB
MD5

ebf46ad3d230f658e43206764af885b6
SHA1

1c781d168f098d7c04d74811e82e54b96eb9086b
SHA256

eebe2a8c2f356abf5b8bfff829523623c6e5c5e9c67cd1c43bcc2499bc17a2b6
SHA512

bec5090524c84ea58428a23c7053066401dd308415af0ef7cd2123d945b93aa4550e05becbfc48b810dde15c8d5ff6a4938d68bc7bf12e6b84bb51c813d0ae2f
SSDEEP

6144:MXl2OaO3wtxinLHw1OD2Zf8an1TwstgXEtCD3L64JgSX7TmmP7gcyc4n3Pi:M1aO3wtYncElanhUEtkL64JpT7P7g9c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ebf46ad3d230f658e43206764af885b6_JaffaCakes118

Files

ebf46ad3d230f658e43206764af885b6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

232112b23344c89880ffdb51a9686d67

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassExA
PostMessageA
GetWindowLongW
GetSubMenu
wvsprintfA
RegisterClassA

kernel32

CloseHandle
GetTimeFormatA
GetStartupInfoA
GetStdHandle
GetExitCodeThread
RtlUnwind
LocalFree
GetEnvironmentStringsW
VirtualAlloc
TlsAlloc
HeapAlloc
GetCurrentThread
GetUserDefaultLCID
SetStdHandle
GetCurrentProcess
WriteConsoleW
GetModuleFileNameW
GetCompressedFileSizeA
GetConsoleMode
GetCurrentProcessId
GetCPInfo
SetFilePointer
TlsFree
CreateMutexA
TerminateProcess
IsValidCodePage
GetCommandLineA
DeleteCriticalSection
GetTimeFormatW
VirtualFree
WideCharToMultiByte
GetConsoleCP
OpenProcess
GetStringTypeW
SetHandleCount
GetPrivateProfileStructW
SetUnhandledExceptionFilter
TerminateThread
SetConsoleTextAttribute
UnhandledExceptionFilter
InterlockedExchange
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
CompareStringA
WriteFile
MultiByteToWideChar
VirtualQuery
GetStartupInfoW
SetCurrentDirectoryA
TlsSetValue
GetLocaleInfoA
FreeLibrary
HeapReAlloc
ExitProcess
GetProcAddress
WriteConsoleA
SetEnvironmentVariableA
HeapCreate
GetACP
GlobalFree
OpenMutexA
EnumSystemLocalesA
FindFirstFileExA
GetModuleFileNameA
GetFileAttributesExA
GetLocaleInfoW
IsDebuggerPresent
ReadFile
CreateFileA
LCMapStringW
GetOEMCP
LCMapStringA
SetConsoleCtrlHandler
GetModuleHandleW
WritePrivateProfileStringA
HeapDestroy
Sleep
IsValidLocale
GetCommandLineW
FindResourceExW
GetConsoleTitleA
GetSystemDirectoryW
WriteProfileSectionW
HeapFree
InitializeCriticalSectionAndSpinCount
lstrlenW
GetConsoleOutputCP
EnterCriticalSection
InterlockedIncrement
LoadLibraryA
CreateThread
QueryPerformanceCounter
GetLastError
TlsGetValue
HeapSize
GetModuleHandleA
GetDateFormatA
FlushFileBuffers
GetFileType
GetTickCount
SetLastError
CompareStringW
GetStringTypeA
LeaveCriticalSection
InterlockedDecrement
GetCurrentThreadId
GetTimeZoneInformation

comctl32

InitCommonControlsEx

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 209KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

232112b23344c89880ffdb51a9686d67

Headers

File Characteristics

Imports

user32

kernel32

comctl32

Sections

.text Size: 152KB - Virtual size: 152KB

.rdata Size: 9KB - Virtual size: 28KB

.data Size: 209KB - Virtual size: 209KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 152KB - Virtual size: 152KB

.rdata
Size: 9KB - Virtual size: 28KB

.data
Size: 209KB - Virtual size: 209KB

.rsrc
Size: 10KB - Virtual size: 10KB