ee869e1ad96050dad4b9635e7e399322_JaffaCakes118

General

Target

ee869e1ad96050dad4b9635e7e399322_JaffaCakes118
Size

233KB
MD5

ee869e1ad96050dad4b9635e7e399322
SHA1

182015043cd53cde62769ecd99a426a5cd372964
SHA256

d1dd2de9716290eadd64c02e5aa88a9c16a45aabc632aea3f188aac136cea023
SHA512

163c98375a9af3a7bd1a0d3bf3d0893dba186cf16beb0b63664e279bade276f27335939c5e9d4f8479dd9d5cc01b6137971c15ee33a4784e4cec3cb4a1d8b3cb
SSDEEP

3072:5m1dls3oCVukHsG3k6gJzViXH725iQPXwo9THI8Kuq:K30oCVukHsEvIS725bwuHI8A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ee869e1ad96050dad4b9635e7e399322_JaffaCakes118

Files

ee869e1ad96050dad4b9635e7e399322_JaffaCakes118
.exe windows:4 windows x86 arch:x86

59e60eebba7284d2afa9441f8eb378f6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
FindNextFileA
HeapSetInformation
lstrlenA
SetConsolePalette
lstrcatA
lstrcmpA
MapViewOfFile
CancelIo
SetFileAttributesA
lstrcpyA
FindFirstFileA
SystemTimeToFileTime
CreateDirectoryA
RemoveDirectoryA
CompareFileTime
LockFile
GetComputerNameExW
GetCurrentProcess
InterlockedDecrement
GetWindowsDirectoryA
GetLogicalDrives
SleepEx
GetProfileIntA
_lopen
OutputDebugStringW
_llseek
GetSystemDirectoryA
FindClose
GetFileSizeEx
lstrcpyA
_lclose
SetTapeParameters
GetModuleFileNameA
FindFirstChangeNotificationW
GetUserDefaultUILanguage
HeapDestroy
DeleteFileA
WritePrivateProfileStringA
InterlockedIncrement
SearchPathA
lstrcatA

gdi32

CopyMetaFileA
CreateMetaFileA

user32

MessageBeep
EndDialog
GetSystemMetrics
GetDesktopWindow
LoadStringA
SetDlgItemTextA

advapi32

CheckTokenMembership
CryptAcquireContextW
RegDeleteKeyW
OpenThreadToken
SetFileSecurityW
CryptReleaseContext

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text1
Size: 216KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

59e60eebba7284d2afa9441f8eb378f6

Headers

File Characteristics

Imports

kernel32

gdi32

user32

advapi32

Sections

.text Size: 7KB - Virtual size: 7KB

.data Size: 5KB - Virtual size: 9KB

.rsrc Size: 3KB - Virtual size: 3KB

.text1 Size: 216KB - Virtual size: 216KB

.text
Size: 7KB - Virtual size: 7KB

.data
Size: 5KB - Virtual size: 9KB

.rsrc
Size: 3KB - Virtual size: 3KB

.text1
Size: 216KB - Virtual size: 216KB