ehrjrhw.pdb
Static task
static1
Behavioral task
behavioral1
Sample
fe04864c4ebf2233fee6be401252ebf8_JaffaCakes118.exe
Resource
win7-20240903-en
General
Target: fe04864c4ebf2233fee6be401252ebf8_JaffaCakes118
Size: 528KB
MD5: fe04864c4ebf2233fee6be401252ebf8
SHA1: 9df0294721bcca4d52f6e16c504c0440e094db25
SHA256: fb4457707bd6e99b7d225d02078dda83fa8204766e63221e68530636004c8aee
SHA512: 244826a78265e42ae9ae736e44a47fe5ef6a5879f545392bc3ad0fda2d4d0e9eaef899c92356ecf04a1824ddb141af4be09e13978e492c1b1e1641ff6caa5385
SSDEEP: 12288:m4fjGler6j8Q340Jutw6Gynzq1tKPleIFZoU1:Fej8WB5MLLFW4
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fe04864c4ebf2233fee6be401252ebf8_JaffaCakes118
Files
fe04864c4ebf2233fee6be401252ebf8_JaffaCakes118.exe windows:5 windows x86 arch:x86
ac3d307b52d47ef686c357a6c0c9adaf
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
secur32
FreeContextBuffer
FreeCredentialsHandle
mscms
GetStandardColorSpaceProfileW
clusapi
GetClusterFromResource
msvcrt
malloc
setvbuf
strtol
oleaut32
LoadRegTypeLi
GetRecordInfoFromTypeInfo
kernel32
LoadResource
GetConsoleCursorInfo
GetBinaryTypeA
LoadLibraryW
GetDiskFreeSpaceA
FlushFileBuffers
LoadLibraryExA
FindResourceExA
GetTapePosition
GetCurrentThread
EnumSystemLocalesA
FindFirstFileExW
GetStdHandle
GetThreadContext
GetOverlappedResult
GetCurrentThreadId
GetFileSize
GetTapeParameters
GetConsoleScreenBufferInfo
WriteProfileStringW
GetTimeFormatA
GetProcessTimes
GetWindowsDirectoryA
GetStartupInfoW
GlobalLock
GetConsoleWindow
GetProcAddress
FindFirstFileExA
FoldStringW
GetLogicalDriveStringsA
GetAtomNameW
EnumTimeFormatsA
GetModuleFileNameA
GetModuleHandleA
SetSystemFileCacheSize
AreFileApisANSI
SetFileApisToANSI
SetFileApisToOEM
GetCommandLineA
GetCurrencyFormatA
GlobalAddAtomA
GetThreadTimes
LockResource
GetVolumeInformationW
DeleteTimerQueue
urlmon
FaultInIEFeature
shell32
FindExecutableA
wininet
FindFirstUrlCacheEntryExA
FindNextUrlCacheEntryExW
FindNextUrlCacheEntryExA
ole32
GetRunningObjectTable
winspool.drv
GetPrintProcessorDirectoryW
user32
DialogBoxParamA
GetRawInputDeviceList
EnumThreadWindows
FlashWindowEx
GetScrollPos
DefMDIChildProcW
DestroyMenu
GetKeyboardLayoutNameA
GetTabbedTextExtentW
FreeDDElParam
GetClassInfoExW
GetClassNameA
GetMenuDefaultItem
InsertMenuItemA
GetClassLongA
IsWindowUnicode
GetSubMenu
IsMenu
PackDDElParam
GetDesktopWindow
GetInputState
GetRawInputData
DestroyIcon
gdi32
GetPath
GetSystemPaletteUse
ExtTextOutW
GetPaletteEntries
GetTextExtentPointA
GetCharWidthFloatA
GetTextCharset
GetDeviceCaps
advapi32
GetSecurityDescriptorDacl
LookupPrivilegeDisplayNameA
EqualDomainSid
LookupAccountSidA
GetSidSubAuthorityCount
GetCurrentHwProfileW
DeleteAce
LookupPrivilegeDisplayNameW
Sections
.text Size: 151KB - Virtual size: 150KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 370KB - Virtual size: 376KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ