Static task: static1
Behavioral task: behavioral1
Sample: ee84425065a17627246ed6dd96fd1681_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: ee84425065a17627246ed6dd96fd1681_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: ee84425065a17627246ed6dd96fd1681_JaffaCakes118
Size: 360KB
MD5: ee84425065a17627246ed6dd96fd1681
SHA1: 15465be95f0df8a96df8c759329089e0aa332e98
SHA256: b7359b3825d75e866b2c3659ca21f1b916c4e74559d8a49fdb5a68f8a574b114
SHA512: 8f1cf36de89a1466964ec8834c9422e549b9fbf2508b693dd4d4ad59ba94e56ae734b3587ec49a80837267cc058d823a1ebf44bf0666b25f89d05f07505ea2ed
SSDEEP: 6144:WLP430MsSpHt4egAyMW5jYtiVWFUTcaYsyFb1rQKiNuCdamuzIE8y7gVJmpy:Q47sWtetMW5ktOjcth1rQZu5ll57gVJm
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ee84425065a17627246ed6dd96fd1681_JaffaCakes118
Files
ee84425065a17627246ed6dd96fd1681_JaffaCakes118.exe windows:4 windows x86 arch:x86
09b25b996fde8d6a8a7c21fab9c45659
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LCMapStringA
PeekConsoleInputW
GetFileType
AllocConsole
GetEnvironmentVariableW
LocalReAlloc
CompareStringA
GetTapeParameters
VirtualQuery
IsProcessorFeaturePresent
ScrollConsoleScreenBufferA
GetACP
GetConsoleCursorInfo
CreateProcessA
GetCommandLineA
GetVersionExA
VirtualProtect
ExitProcess
GetProcessTimes
user32
CreateAcceleratorTableW
ShowCursor
CharLowerBuffA
DefWindowProcA
SendMessageW
FindWindowExA
MapVirtualKeyA
SetWindowWord
SystemParametersInfoW
GetClassInfoExA
CharNextA
SetUserObjectInformationW
GetMenuDefaultItem
ToAscii
GetClassLongA
DeferWindowPos
RegisterDeviceNotificationW
DrawAnimatedRects
LoadBitmapW
VkKeyScanW
SetParent
DrawIcon
MonitorFromRect
CharLowerA
InsertMenuA
EnumDisplaySettingsA
MessageBoxIndirectW
IntersectRect
IsWindowUnicode
SetMenuItemInfoW
AppendMenuA
comdlg32
GetFileTitleW
advapi32
EqualSid
AllocateAndInitializeSid
CreateServiceW
ClearEventLogW
CryptExportKey
ObjectDeleteAuditAlarmW
QueryServiceObjectSecurity
GetCurrentHwProfileW
CryptDestroyKey
CryptCreateHash
StartServiceCtrlDispatcherW
RegCloseKey
SetPrivateObjectSecurity
CryptVerifySignatureW
LogonUserW
SetServiceStatus
LookupAccountSidW
StartServiceW
CryptSignHashW
CryptReleaseContext
CryptGetHashParam
RegCreateKeyExA
GetTokenInformation
RegQueryInfoKeyA
RegDeleteValueW
GetNamedSecurityInfoW
shell32
ExtractIconA
SHChangeNotify
ExtractIconExW
Shell_NotifyIconW
FindExecutableW
ole32
MkParseDisplayName
OleGetIconOfClass
CLSIDFromString
CoUninitialize
oleaut32
SysStringLen
SysAllocStringLen
comctl32
ImageList_Remove
ImageList_GetIcon
ImageList_Replace
Sections
.text Size: 332KB - Virtual size: 329KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE