ee28d380d4df330120b513c2421bb599_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ee28d380d4df330120b513c2421bb599_JaffaCakes118
Size

10KB
MD5

ee28d380d4df330120b513c2421bb599
SHA1

ba7985f274171368994fd61d70238d27bcfe319b
SHA256

d7628c701beed542482944b7068653854a866bb0732aa6d3fe59e0e1831db69c
SHA512

81de4306c7f7cb2ca7fa25d6a0c2459f1c8afbf9ca1f58665783470be91de7481529a90ba657d987e110ea026847a413ddb518dbc8e0b80219eb54efa0b4879a
SSDEEP

192:knzJsINorN/ATwN8QF6Hu2SZU3tJDM2alRzZ9u79H48GVZsc:knNsWor+02HUkrI2alRd9xFv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ee28d380d4df330120b513c2421bb599_JaffaCakes118

Files

ee28d380d4df330120b513c2421bb599_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0ab0ad794a74c4da9f477270bcd95b29

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ClearCommError
CreateMailslotW
ExitProcess
FreeEnvironmentStringsW
GetComputerNameW
GetFullPathNameA
GetProcAddress
GetProfileSectionW
GlobalDeleteAtom
IsBadHugeWritePtr
MulDiv
OpenSemaphoreA
ReadFileEx
ReleaseMutex
SetEnvironmentVariableA
SetThreadAffinityMask
SetVolumeLabelW
TransmitCommChar
VirtualProtectEx
WritePrivateProfileStructA
lstrcmpW

advapi32

AccessCheckAndAuditAlarmA
AllocateLocallyUniqueId
BuildTrusteeWithNameW
ClearEventLogA
CloseServiceHandle
ConvertAccessToSecurityDescriptorA
ConvertSecurityDescriptorToAccessW
CreateProcessAsUserA
CryptAcquireContextA
DeleteAce
GetMultipleTrusteeA
GetOverlappedAccessResults
GetSidSubAuthorityCount
LookupAccountNameW
RegCreateKeyExW
RegDeleteValueA
RegEnumValueA
RegReplaceKeyA
RegisterEventSourceW
ReportEventA
UnlockServiceDatabase

user32

AnimateWindow
CharToOemBuffA
CharToOemW
CloseClipboard
DdeQueryStringA
DdeQueryStringW
DefMDIChildProcW
DrawCaptionTempA
EnumDisplaySettingsExW
GetClassWord
GetProcessDefaultLayout
GetSysColorBrush
GetWindowThreadProcessId
IMPQueryIMEW
InvalidateRgn
IsDialogMessageW
IsWindowEnabled
IsWindowUnicode
LoadMenuA
LoadMenuIndirectW
MapVirtualKeyExW
MessageBoxExW
MonitorFromRect
RegisterSystemThread
RemovePropW
SendNotifyMessageA
SetMenuItemInfoW
SetProcessWindowStation
ToUnicodeEx
WinHelpA

gdi32

AddFontResourceA
CancelDC
CreatePolyPolygonRgn
DeleteColorSpace
DescribePixelFormat
DeviceCapabilitiesExA
DrawEscape
ExtCreateRegion
GdiPlayScript
GetCharABCWidthsFloatA
GetCharWidth32W
GetCharWidthFloatW
GetCharWidthW
GetEnhMetaFileW
GetMetaFileW
GetTextExtentPointA
OffsetViewportOrgEx
RectInRegion
SetDIBColorTable
SetTextColor
SetViewportExtEx
SetWinMetaFileBits
SetWindowExtEx
StartDocA

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0ab0ad794a74c4da9f477270bcd95b29

Headers

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 4KB

.data Size: 8KB - Virtual size: 24KB

.idata Size: - Virtual size: 16KB

.rsrc Size: - Virtual size: 8KB

.text
Size: 512B - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 24KB

.idata
Size: - Virtual size: 16KB

.rsrc
Size: - Virtual size: 8KB