eec11310f2b78e3ff11b4aae48c218a8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

eec11310f2b78e3ff11b4aae48c218a8_JaffaCakes118
Size

21KB
MD5

eec11310f2b78e3ff11b4aae48c218a8
SHA1

6fdb629c15ff3278d6f463d03f724472c392f4e3
SHA256

ab5d9284c77fcab70423157e3e674566a97bc3dbd59602eeb7e0559c13f3c040
SHA512

d1df4c8780e049a5fd04a6fe9835bd5dc2f49fec5a0843e201cc9ea27157010584da9c8047ec4d8c6972705ca3295562ff9ceb9a9db47bb6738dd998130089d1
SSDEEP

384:kDHxakCAZwW5CClwHMVHNT9N9mc5wLPEKhks1PMCnn:kDxaW0CNH+6Yc6PMCnn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eec11310f2b78e3ff11b4aae48c218a8_JaffaCakes118

Files

eec11310f2b78e3ff11b4aae48c218a8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

098bbb637d0d021e69dbfd7b16bb73f8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

zlib1

inflateEnd
inflate
crc32
inflateInit2_
get_crc_table

user32

OemToCharBuffA
wsprintfW
PeekMessageW
SendMessageW
ShowWindow
CheckDlgButton
LoadIconW
SetClassLongW
EndDialog
IsDlgButtonChecked
GetDlgItemTextW
PostMessageW
SetDlgItemTextW
DialogBoxParamW
GetDlgItem
TranslateMessage
DispatchMessageW
MessageBoxW
SendDlgItemMessageW
EnableWindow

gdi32

CreateFontW
DeleteObject

comctl32

ord17

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

shell32

DragFinish
DragQueryFileW
ShellExecuteW
DragAcceptFiles

msvcrt

towlower
_controlfp
fwrite
wcsstr
wcslen
strlen
fclose
ftell
fseek
_wfopen
wcscat
memmove
strrchr
wcscpy
wcscmp
fwprintf
fread
malloc
free
_exit
_XcptFilter
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3

kernel32

CreateProcessW
ReadFile
GetStartupInfoW
GetLastError
FormatMessageW
LocalFree
GetTempPathW
GetTickCount
GetVersionExW
CreatePipe
lstrlenW
GetModuleHandleW
CreateFileW
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
CloseHandle
lstrcpyW
FindFirstFileW
CreateThread
GetModuleFileNameW
CreateDirectoryW
GetTempFileNameW
SetFileAttributesW
DeleteFileW
FindNextFileW
RemoveDirectoryW
MultiByteToWideChar
lstrcatW
FindClose

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

098bbb637d0d021e69dbfd7b16bb73f8

Headers

File Characteristics

Imports

zlib1

user32

gdi32

comctl32

comdlg32

advapi32

shell32

msvcrt

kernel32

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 3KB - Virtual size: 8KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 3KB - Virtual size: 8KB

.rsrc
Size: 3KB - Virtual size: 3KB