eff8c49b4e3404ecbcf78f623b710c77_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eff8c49b4e3404ecbcf78f623b710c77_JaffaCakes118
Size

457KB
MD5

eff8c49b4e3404ecbcf78f623b710c77
SHA1

81755443a1180f336ed3256f7847c5cb29fc51d2
SHA256

e45987f33b341cc21087d1d72238ebbbef608426e5b629800fc1cc707f05704e
SHA512

e4755035c538ee3140042dcfbfc027865e8f8968fc4d9e8dec95d78093bd39e6fc977e06ca3068d50cb5cd2befa9e5b03673d49c41b34174c709a1482a8789bd
SSDEEP

12288:Z4HocCrHPqwiATgNEpOFGaCFQbu3WNo6T2pfbH6uhVc:BcCrHPINm6Ga4QbmMOz6Ic

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eff8c49b4e3404ecbcf78f623b710c77_JaffaCakes118

Files

eff8c49b4e3404ecbcf78f623b710c77_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b6ec3aeae8ca73c943f2661ed46e9dea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SafeArrayGetLBound
VariantCopy
SafeArrayGetElement
LoadTypeLi
SafeArrayRedim
SafeArrayCreate

user32

CreateMenu
EnumDesktopsA
ShowScrollBar
EmptyClipboard
CharLowerA
WinHelpA
CascadeWindows
GetClassInfoA
CreateWindowStationW
IsMenu
GetProcessDefaultLayout
DestroyWindow
DestroyIcon
ActivateKeyboardLayout
PeekMessageA
SetMenuItemInfoW
SetLastErrorEx

ws2_32

WSAIsBlocking
WSAAsyncGetHostByName
WSASetLastError
WSALookupServiceBeginA
WSADuplicateSocketA

kernel32

ScrollConsoleScreenBufferA
lstrcatW
CreateMutexA
EnumResourceNamesW
SizeofResource
GetEnvironmentStringsW
GetOEMCP
GlobalAddAtomA
FindCloseChangeNotification
DebugBreak
ReadConsoleInputW
SwitchToFiber
SetProcessWorkingSetSize
GetFileAttributesA
GetConsoleMode
OpenFile
ExitProcess
CopyFileExW
_hread
SuspendThread
SetVolumeLabelA
GetConsoleCursorInfo
GetModuleFileNameW
ReadFileScatter
GetProcessTimes
GetSystemTimeAdjustment
ReleaseSemaphore
GetFileAttributesExA
SetSystemTime
GenerateConsoleCtrlEvent
GetSystemInfo

advapi32

CryptDestroyHash
GetSecurityDescriptorLength
AccessCheckAndAuditAlarmW
SetFileSecurityW
RegOpenKeyExA
CreateServiceA
LogonUserA
SetPrivateObjectSecurity
AccessCheckAndAuditAlarmA
AllocateLocallyUniqueId
AllocateAndInitializeSid
RegLoadKeyW
CryptEncrypt

msvcrt

_wcsnset
_fsopen
fputc
system
_vsnprintf
_strrev
_mbslen
iswxdigit
isalpha
_spawnv
_stricmp
wcstombs
_cwait

Sections

.text
Size: 2KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 262KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6ec3aeae8ca73c943f2661ed46e9dea

Headers

File Characteristics

Imports

oleaut32

user32

ws2_32

kernel32

advapi32

msvcrt

Sections

.text Size: 2KB - Virtual size: 218KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 262KB - Virtual size: 262KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 2KB - Virtual size: 218KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 262KB - Virtual size: 262KB

.rsrc
Size: 16KB - Virtual size: 16KB