eeadcc7c57f43fb68ea25b3e3d04d958_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

eeadcc7c57f43fb68ea25b3e3d04d958_JaffaCakes118
Size

205KB
MD5

eeadcc7c57f43fb68ea25b3e3d04d958
SHA1

a0afe0b82333bf2a91fcefae096bdc60ceca3dce
SHA256

9c5629800059a54dd0d9cae04b85793f55e7986cbc93272ac406c8bc901a3709
SHA512

eb89209365786c9833b4e4c7fdd24369d210258dd025b510e6f8cfdb8f47d0bcfc2d0c79f34ae01d6946cd6e806fc3a878237ecea583a685f861c8ceacfb5e2f
SSDEEP

3072:NQU3xZLm9fjtDouDVsKSYmqbwjXSaGBGBKD6EbD7wiZHXRGM3WJdbzmDVFRZDvQx:NbLsZ3DV7SYwiccOEbD7wiZHX02/Dv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eeadcc7c57f43fb68ea25b3e3d04d958_JaffaCakes118

Files

eeadcc7c57f43fb68ea25b3e3d04d958_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1d53578a5162f8b949946b3048efc87d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
GetCurrentThreadId
lstrcatA
IsBadStringPtrW
GlobalDeleteAtom
lstrcpyn
GetVolumeInformationW
lstrlen
GetModuleHandleA
GetVersion
DosDateTimeToFileTime
lstrlenW
CreateFileA
OpenSemaphoreA
CreateDirectoryW
lstrcpynA
lstrlenA
GetStringTypeA
FreeResource
GetEnvironmentStringsW
GetLongPathNameA
GetProcessHeap
LocalFree
GetPriorityClass
FileTimeToDosDateTime
AddAtomA
GetProcAddress
RemoveDirectoryW
DeleteAtom
GetUserDefaultLangID
GetFileAttributesW
GetLocaleInfoW
OpenProcess
LocalAlloc
EnumDateFormatsA
RemoveDirectoryA
GetDateFormatW
GetCalendarInfoA
IsValidCodePage
GetExitCodeThread
GetNumberFormatW
DuplicateHandle
GetNumberFormatA
OpenMutexA

user32

CreateWindowExA
GetFocus
GetMenuState
ReleaseDC
GetKeyState
wsprintfA
CheckDlgButton
SendDlgItemMessageA
EnumWindows
SetDlgItemTextA
DialogBoxIndirectParamW
AppendMenuW
EnumChildWindows
CharPrevW

gdi32

GetCurrentObject
SetBoundsRect
SetICMProfileW
StrokePath
GetROP2
CreateDCA
GetPaletteEntries
CreateDCW
SetLayout
PlayMetaFile
CreateBitmapIndirect

advapi32

RegOpenKeyA
RegDeleteKeyA
RegSaveKeyA
RegOpenKeyExA
RegEnumValueW

wininet

InternetAutodialCallback
InternetReadFile
FtpCreateDirectoryA

inetcomm

MimeOleSetPropW
MimeOleGetCodePageCharset
MimeOleSetDefaultCharset
MimeOleUnEscapeStringInPlace
CreateNNTPTransport
MimeOleCreateBody
MimeOleCreateHeaderTable
MimeOleGetPropertySchema
MimeOleSetCompatMode
MimeOleSMimeCapAddCert

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MTCf
Size: 1024B - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.S
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.LwNQ
Size: 1024B - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.PgUnvR
Size: 2KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Qql
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.HgY
Size: 2KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Wrkz
Size: 1KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nlpjU
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Jyt
Size: 512B - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1d53578a5162f8b949946b3048efc87d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

wininet

inetcomm

Sections

.text Size: 12KB - Virtual size: 12KB

.MTCf Size: 1024B - Virtual size: 47KB

.S Size: 1KB - Virtual size: 9KB

.LwNQ Size: 1024B - Virtual size: 39KB

.PgUnvR Size: 2KB - Virtual size: 12KB

.Qql Size: 1024B - Virtual size: 4KB

.HgY Size: 2KB - Virtual size: 46KB

.data Size: 9KB - Virtual size: 8KB

.Wrkz Size: 1KB - Virtual size: 18KB

.nlpjU Size: 1024B - Virtual size: 6KB

.Jyt Size: 512B - Virtual size: 166KB

.rsrc Size: 169KB - Virtual size: 168KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 12KB

.MTCf
Size: 1024B - Virtual size: 47KB

.S
Size: 1KB - Virtual size: 9KB

.LwNQ
Size: 1024B - Virtual size: 39KB

.PgUnvR
Size: 2KB - Virtual size: 12KB

.Qql
Size: 1024B - Virtual size: 4KB

.HgY
Size: 2KB - Virtual size: 46KB

.data
Size: 9KB - Virtual size: 8KB

.Wrkz
Size: 1KB - Virtual size: 18KB

.nlpjU
Size: 1024B - Virtual size: 6KB

.Jyt
Size: 512B - Virtual size: 166KB

.rsrc
Size: 169KB - Virtual size: 168KB

.reloc
Size: 1KB - Virtual size: 1KB