eeb5481fc5bb4f57bbf3ccdf074952b0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eeb5481fc5bb4f57bbf3ccdf074952b0_JaffaCakes118
Size

481KB
MD5

eeb5481fc5bb4f57bbf3ccdf074952b0
SHA1

5df2765f833cde7466b6b198bbc108fd058f195e
SHA256

0270f7b3b62ab3e011e44c8cbe2a2ce0b178daaa9e59a7567dbc2297a8e0e97e
SHA512

5286c488c489724d503c85f582973872e3e07980e40bf14f6c5cb9cdde52b327ad1497998750ee83dd7be310d24062ef9aebf183944960fdc430e14e27fdb35e
SSDEEP

12288:BoRns64OCWKbrHM3AbZCVFt4zaAQK/qTerYh96vW2Jw:2nePXHuEaAdqTescWr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eeb5481fc5bb4f57bbf3ccdf074952b0_JaffaCakes118

Files

eeb5481fc5bb4f57bbf3ccdf074952b0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

de822a19aefdc75801a02c3cd1ba545d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHQueryRecycleBinA
SHBrowseForFolderA
DragQueryFileA
SHFileOperationA

kernel32

GetModuleHandleA
GetLastError
GetCommandLineA
FreeEnvironmentStringsA
WaitNamedPipeA
TerminateProcess
IsBadWritePtr
CloseHandle
GetEnvironmentStringsW
ExitProcess
HeapCreate
EnterCriticalSection
SetFilePointer
GetTimeFormatA
LCMapStringW
GetVersionExA
EnumSystemLocalesA
GetProcessHeap
VirtualFree
SetStdHandle
UnhandledExceptionFilter
GetDateFormatA
GetCurrentThread
QueryPerformanceCounter
CompareStringA
GetTimeZoneInformation
GetLongPathNameA
CompareStringW
TlsSetValue
GetStdHandle
TryEnterCriticalSection
GetUserDefaultLCID
HeapAlloc
GetSystemInfo
GetFileType
OpenMutexA
SetHandleCount
GetStringTypeW
GetProcAddress
GetStartupInfoA
GetConsoleCP
GetCurrentProcessId
GetLocaleInfoA
LoadLibraryExW
SetLastError
TlsAlloc
VirtualProtect
WideCharToMultiByte
TlsFree
CreateMutexA
GetPrivateProfileSectionNamesW
MultiByteToWideChar
IsValidLocale
IsValidCodePage
InterlockedExchange
WriteFile
GetDriveTypeA
SetEnvironmentVariableA
RtlUnwind
FreeEnvironmentStringsW
GetModuleFileNameA
FlushFileBuffers
DeleteCriticalSection
GetCPInfo
TlsGetValue
HeapSize
ReadFile
InitializeCriticalSection
GetOEMCP
LCMapStringA
GetTickCount
GetCurrentThreadId
HeapDestroy
LoadLibraryA
GetEnvironmentStrings
GetStringTypeA
VirtualQuery
GetLocaleInfoW
GetThreadContext
GetCurrentProcess
LeaveCriticalSection
GetACP
GetSystemTimeAsFileTime
HeapFree
VirtualAlloc
HeapReAlloc

user32

RegisterClassExA
IsCharAlphaW
GetWindowPlacement
GetMenuItemRect
VkKeyScanA
DefFrameProcW
CharToOemBuffA
GetWindowInfo
SetMessageQueue
DdeNameService
IsCharAlphaNumericA
SetPropW
InvalidateRect
RegisterClassA
PostMessageW
GetCursorInfo
CascadeWindows

comdlg32

GetSaveFileNameW

advapi32

CryptContextAddRef
StartServiceA
LogonUserW
RegQueryMultipleValuesA

comctl32

InitCommonControlsEx

gdi32

PlayEnhMetaFile
ScaleViewportExtEx

Sections

.text
Size: 353KB - Virtual size: 352KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de822a19aefdc75801a02c3cd1ba545d

Headers

File Characteristics

Imports

shell32

kernel32

user32

comdlg32

advapi32

comctl32

gdi32

Sections

.text Size: 353KB - Virtual size: 352KB

.rdata Size: 14KB - Virtual size: 36KB

.data Size: 103KB - Virtual size: 102KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 353KB - Virtual size: 352KB

.rdata
Size: 14KB - Virtual size: 36KB

.data
Size: 103KB - Virtual size: 102KB

.rsrc
Size: 10KB - Virtual size: 9KB