ebed432d5ba6cbb3ce5f0ac4e8cfbac8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ebed432d5ba6cbb3ce5f0ac4e8cfbac8_JaffaCakes118
Size

2.4MB
MD5

ebed432d5ba6cbb3ce5f0ac4e8cfbac8
SHA1

7c567f3ae452b74a26a49bae190ff656e1085434
SHA256

fbf2e3a2332afaef32a2157a5ac56515f6d9aded412a65f9b61d414366e50fdc
SHA512

1b7047f2626f27ffbe08d051c3e515e3be2db55e7858f92f8e7c465d21a65fe790e4b6118c3e643fbbc6f54d07a375b2039c59b24eb5138723fcdf4c376a0bbc
SSDEEP

24576:xtJYwaTU7UoO8itce9WBZf1xCqhKuTone1hFevz1Df4TXbJEr:xtJY5U76FttSxKuU2eBDgrJEr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ebed432d5ba6cbb3ce5f0ac4e8cfbac8_JaffaCakes118

Files

ebed432d5ba6cbb3ce5f0ac4e8cfbac8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

df4fc444ae32189760fa193e6a1fc888

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

secur32

DeleteSecurityContext
FreeContextBuffer
TranslateNameW
InitializeSecurityContextW

kernel32

DecodePointer
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetVersion
GlobalFree
VirtualAlloc
CloseHandle
FileTimeToLocalFileTime
TlsAlloc
CreateMutexW
CreateEventW
GlobalFindAtomW
GetFullPathNameW
DeleteFileW
FindNextFileW
CopyFileW
GetVersionExW
IsValidCodePage
GetUserGeoID
GetConsoleWindow
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
HeapAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
LoadLibraryExW
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetOEMCP
GetACP
IsDebuggerPresent
GetModuleHandleW
TlsFree
GetCommandLineW
RaiseException
IsProcessorFeaturePresent
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
CreateFileW
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsGetValue
TlsSetValue

user32

CopyIcon
DestroyCursor
LoadBitmapW
GetLastActivePopup
SetParent
SetRectEmpty
GetSysColor
GetScrollInfo
SetWindowRgn
GetDCEx
AppendMenuW
GetSubMenu
SetMenu
SetFocus
CharLowerW
RegisterClipboardFormatW
ShowWindow
GetClassInfoExW
PostMessageW
TranslateMessage
RegisterRawInputDevices
DdeGetData
DdeAccessData
GetScrollPos

psapi

GetDeviceDriverBaseNameW
EnumDeviceDrivers
GetModuleFileNameExW

mpr

WNetOpenEnumW

Sections

.text
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.1MB - Virtual size: 7.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.40b0h
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.elo5w2
Size: 365KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.5nhduw
Size: 309KB - Virtual size: 309KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 362KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df4fc444ae32189760fa193e6a1fc888

Headers

File Characteristics

Imports

secur32

kernel32

user32

psapi

mpr

Sections

.text Size: 119KB - Virtual size: 119KB

.data Size: 1.1MB - Virtual size: 7.8MB

.idata Size: 3KB - Virtual size: 2KB

.xdata Size: 1024B - Virtual size: 724B

.40b0h Size: 120KB - Virtual size: 120KB

.elo5w2 Size: 365KB - Virtual size: 364KB

.5nhduw Size: 309KB - Virtual size: 309KB

.rsrc Size: 362KB - Virtual size: 362KB

.text
Size: 119KB - Virtual size: 119KB

.data
Size: 1.1MB - Virtual size: 7.8MB

.idata
Size: 3KB - Virtual size: 2KB

.xdata
Size: 1024B - Virtual size: 724B

.40b0h
Size: 120KB - Virtual size: 120KB

.elo5w2
Size: 365KB - Virtual size: 364KB

.5nhduw
Size: 309KB - Virtual size: 309KB

.rsrc
Size: 362KB - Virtual size: 362KB