ee913771bb445ab36a2a89d73451c04c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ee913771bb445ab36a2a89d73451c04c_JaffaCakes118
Size

983KB
MD5

ee913771bb445ab36a2a89d73451c04c
SHA1

b1e1f4eb5f20fcc488a7b71fa619de419571ab23
SHA256

917d9037f04cf35ea1eba7251e5dd04da7025ee438ba524e63ae76715887e771
SHA512

83464facaec49f6ad3cf0590500e8c6a8f7a8fb862e20c5aff6b3ea18467d1c790dfa0afc5fb31eccc0c3a6677e34d22c1bd4ec1c65d51a33be984efa73004ad
SSDEEP

12288:ZILLCj1xJyV9bsPA3RUZdHd0lmS/6W+EOFzfhiUjA7rDXak+P7f9C6MI7eA:nnJZWULK6iUjAXb9I71C6MyeA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ee913771bb445ab36a2a89d73451c04c_JaffaCakes118

Files

ee913771bb445ab36a2a89d73451c04c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cb537bb250089f3dc42cea1e11917b81

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvfw32

ICGetInfo
ICRemove

imagehlp

ImageGetDigestStream
ImageDirectoryEntryToData
ImageNtHeader
ImageRvaToVa

ole32

StringFromCLSID
CLSIDFromString
StringFromIID
CoCreateInstance
CoTaskMemFree
CoUninitialize
CoInitialize

msvcrt

exit
??2@YAPAXI@Z
_except_handler3
_itow
_snprintf
wcsstr
_CxxThrowException
iswspace
_cexit
__wgetmainargs
__setusermatherr
_wcsnicmp
vwprintf
??1type_info@@UAE@XZ
_XcptFilter
strncmp
_c_exit
realloc
_purecall
__p__fmode
free
_itoa
__CxxFrameHandler
_initterm
??3@YAXPAX@Z
_snwprintf
__winitenv
memset
qsort
__dllonexit
__p__commode
__set_app_type
_adjust_fdiv
_exit
strchr
fputs
_wcsicmp
_vsnwprintf
wcsrchr
atoi
_iob
_controlfp
_vsnprintf
wcslen
_onexit
_wcslwr
?terminate@@YAXXZ

kernel32

GetOEMCP
GetFileInformationByHandle
CopyFileA
GetFullPathNameW
GetModuleHandleW
RemoveDirectoryA
WideCharToMultiByte
InterlockedDecrement
CloseHandle
FindNextFileW
lstrcmpiA
FreeResource
GetThreadLocale
FindClose
GetVersionExW
GetACP
GetVersion
GlobalAlloc
FreeLibrary
lstrcpyA
OutputDebugStringA
IsDebuggerPresent
GetEnvironmentVariableA
UpdateResourceW
lstrlenA
InterlockedExchange
GetLocaleInfoA
GlobalFree
GetSystemDirectoryA
GetFileAttributesA
SetFilePointer
CopyFileW
DebugBreak
lstrlenW
ExitProcess
InterlockedCompareExchange
GetFullPathNameA
InterlockedIncrement
GetFileAttributesW
BeginUpdateResourceW
LocalFree
EndUpdateResourceW
LoadLibraryExW
RaiseException
LoadLibraryExA
RemoveDirectoryW
ReadFile

shell32

CommandLineToArgvW

user32

wsprintfW
CharNextA
CharNextW

Sections

.text
Size: 706KB - Virtual size: 705KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 251KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb537bb250089f3dc42cea1e11917b81

Headers

File Characteristics

Imports

msvfw32

imagehlp

ole32

msvcrt

kernel32

shell32

user32

Sections

.text Size: 706KB - Virtual size: 705KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 251KB - Virtual size: 251KB

.rsrc Size: 21KB - Virtual size: 3.2MB

.text
Size: 706KB - Virtual size: 705KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 251KB - Virtual size: 251KB

.rsrc
Size: 21KB - Virtual size: 3.2MB