ecf50cdb5de5859eecda96936a6c7d27_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ecf50cdb5de5859eecda96936a6c7d27_JaffaCakes118
Size

212KB
MD5

ecf50cdb5de5859eecda96936a6c7d27
SHA1

847970ed7f8b2191e70786d45fa143119943fe7a
SHA256

9dd9541635d17b9e1cedb15c0b97c1e2e3e7de91a618d5524e6ab6711cafd9b6
SHA512

16048f79448dc0d8757b2df96bb907f66925b059b000907c5552ea8fc14d99c5c9379d4467627e721f3e784864db1941c1c44ee8aed9dda32d715f368a6394a4
SSDEEP

3072:H/61cEACzuqiKUHqUfWcUU1hPmMIlMMNiDMxJ1hG1qc8TZ52oigI75ehCb2dbLrE:f61czCzuqiKE+cvlUMix1hcqpC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ecf50cdb5de5859eecda96936a6c7d27_JaffaCakes118

Files

ecf50cdb5de5859eecda96936a6c7d27_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bc0c26639a7b8d1252a5f02f5b69a807

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

bwaQap2YR|MbzLP2G

Imports

avifil32

AVIStreamInfoW

urlmon

HlinkSimpleNavigateToString
CoInternetIsFeatureEnabled

netapi32

NetUserGetLocalGroups

ntdll

memset

cfgmgr32

CM_Get_DevNode_Custom_PropertyW

msvcrt

_localtime64
_time64

shlwapi

StrStrIW
StrChrA

secur32

QueryContextAttributesW

oleaut32

VarCyMul

wininet

InternetInitializeAutoProxyDll
FindCloseUrlCache

ole32

OleCreateLinkFromData

winscard

SCardSetCardTypeProviderNameA
SCardBeginTransaction

advapi32

IsTokenRestricted
LogonUserW
ReportEventW
ImpersonateSelf

ws2_32

WSAGetOverlappedResult

rpcrt4

RpcStringFreeW
I_RpcSend

gdi32

GdiSetBatchLimit
RoundRect
DeleteEnhMetaFile
RestoreDC
GetViewportExtEx

kernel32

GetOEMCP
Sleep
ResumeThread
IsProcessorFeaturePresent
ApplicationRecoveryInProgress
SleepEx
GetModuleHandleW
OpenFileById
GetBinaryTypeA
CreateToolhelp32Snapshot
OpenEventW
lstrlenA
GetAtomNameW
FlushProcessWriteBuffers
GetTimeFormatA
CancelSynchronousIo
GetOverlappedResult

setupapi

SetupGetFileCompressionInfoW

ntdsapi

DsFreeDomainControllerInfoW
DsBindWithCredW

user32

UpdateWindow
GetScrollInfo
DdeCreateDataHandle
DestroyWindow
InsertMenuItemA
DdeSetUserHandle
LogicalToPhysicalPoint
LockSetForegroundWindow
wsprintfA
GetMenuItemID

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc0c26639a7b8d1252a5f02f5b69a807

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

avifil32

urlmon

netapi32

ntdll

cfgmgr32

msvcrt

shlwapi

secur32

oleaut32

wininet

ole32

winscard

advapi32

ws2_32

rpcrt4

gdi32

kernel32

setupapi

ntdsapi

user32

Sections

.text Size: 164KB - Virtual size: 164KB

.text Size: 2KB - Virtual size: 10KB

.crt Size: 4KB - Virtual size: 3KB

.rsrc Size: 40KB - Virtual size: 40KB

.text
Size: 164KB - Virtual size: 164KB

.text
Size: 2KB - Virtual size: 10KB

.crt
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 40KB - Virtual size: 40KB