ece3f104ed8a1bdf649dab79c4a7fc14_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ece3f104ed8a1bdf649dab79c4a7fc14_JaffaCakes118
Size

205KB
MD5

ece3f104ed8a1bdf649dab79c4a7fc14
SHA1

1ae768448b2c61f2ac8fd84511e2a96213d7cecc
SHA256

09ae4c7799569f342c951fa2c080c5303cdfe5f2d1b343fe7c3b84beea4c75c9
SHA512

da4201393db912ddf43100b5039315d11f3b965865bb6228cc9706d8f510acd8ceae3d09a1aefd1ebf626ba60d5ef629d69add5a2e5ca5f896b3e2763200a6d7
SSDEEP

3072:OurZEYZX4fTe2/1CQBCzj9NOzNd3KZVsTABoGqA48F:OurSAo1jOjHOzNdYVsUBZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ece3f104ed8a1bdf649dab79c4a7fc14_JaffaCakes118

Files

ece3f104ed8a1bdf649dab79c4a7fc14_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7f5b0cf7fcb4edf00d5a84cfa51a237a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_SYSTEM

Imports

lz32

LZOpenFileA
LZSeek

setupapi

SetupDiSetDeviceRegistryPropertyW

kernel32

GetLastError
GetSystemTime
HeapSize
LockResource
GetVolumeNameForVolumeMountPointW
InterlockedCompareExchange
GetModuleHandleA
LoadLibraryW
GetModuleFileNameW
FlsGetValue
FlsFree
AddRefActCtx
HeapAlloc
lstrcmpA
GetModuleFileNameA

msvcrt

vprintf

user32

SetUserObjectInformationW
AnyPopup
GetIconInfo
SetCursorPos
DefRawInputProc
IsProcessDPIAware
GetClipboardData

advapi32

ObjectDeleteAuditAlarmW

msi

ord30

mprapi

MprAdminInterfaceSetCredentials

ole32

HPALETTE_UserFree

shlwapi

GetMenuPosFromID

gdi32

SetBrushOrgEx
FrameRgn

Sections

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f5b0cf7fcb4edf00d5a84cfa51a237a

Headers

DLL Characteristics

File Characteristics

Imports

lz32

setupapi

kernel32

msvcrt

user32

advapi32

msi

mprapi

ole32

shlwapi

gdi32

Sections

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 2KB - Virtual size: 2KB

.data Size: 7KB - Virtual size: 11KB

.text Size: 178KB - Virtual size: 177KB

.CRT Size: 1KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 2KB - Virtual size: 2KB

.data
Size: 7KB - Virtual size: 11KB

.text
Size: 178KB - Virtual size: 177KB

.CRT
Size: 1KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB