2eeaa5315e1873db2f87de38e8303ad8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2eeaa5315e1873db2f87de38e8303ad8_JaffaCakes118
Size

89KB
MD5

2eeaa5315e1873db2f87de38e8303ad8
SHA1

3da6ee70e8f1539054b6ae7ec38ce90cfc0a55db
SHA256

86901695de4951d4b396913a3212a4aff4e447178827a52d5479f14604e94a46
SHA512

d849ae166cbc4dade5f2e1e1c344e357f7f7f442da541566944f8410f9f50748c728182628e84f1585189eb80b8d31c23395afa075f02579a28c058ff5228640
SSDEEP

1536:jL7JYA47AgOeSNymHOP2/UZChFFdMoY7AIir3uCpoEXBe/RiIw3WNR6tBM2G:jhYAQAvFHl/UZCh5BY7OrupgBowIw3W1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2eeaa5315e1873db2f87de38e8303ad8_JaffaCakes118

Files

2eeaa5315e1873db2f87de38e8303ad8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0b70e9041b00cc982cb15a863eca1b19

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFileInfoA
SHGetSpecialFolderLocation
SHGetDiskFreeSpaceA
SHGetDesktopFolder
SHGetFolderPathA

advapi32

RegLoadKeyA
RegEnumValueA
RegQueryValueA
GetLengthSid

ole32

CoRegisterClassObject
WriteClassStm
CoTaskMemFree
CoDisconnectObject
CoCreateGuid
CoUninitialize

shlwapi

SHEnumValueA
SHStrDupA
PathGetCharTypeA
SHDeleteKeyA
SHQueryValueExA
SHQueryInfoKeyA
SHGetValueA
SHSetValueA
PathFileExistsA

comdlg32

ChooseColorA
GetOpenFileNameA

msvcrt

calloc
wcstol
rand
memcpy
memmove
clock
wcschr
_acmdln

gdi32

CreateBitmap

kernel32

lstrlenA
CreateEventA
ExitThread
GetModuleFileNameA
GetUserDefaultLCID
GetTickCount
GlobalAlloc
RaiseException
GetCurrentThread
VirtualAlloc
VirtualAllocEx
GetCPInfo
GetFileSize
LoadLibraryExA
GetFullPathNameA
GetLastError
lstrcmpiA
GetCurrentThreadId
lstrcmpiA
FreeLibrary
Sleep
GetOEMCP
GetCurrentProcess
ExitProcess
HeapAlloc
GetFileSize
SetHandleCount
SetFilePointer
SetLastError
lstrcatA
ReadFile
GetLastError
LocalAlloc
DeleteCriticalSection
CreateFileA

version

GetFileVersionInfoA

user32

GetSubMenu
CheckMenuItem
EndPaint
GetMenuItemInfoA
EqualRect
GetActiveWindow
RegisterClassA
GetCursorPos
IsDialogMessageA
GetScrollRange
DefWindowProcA
DispatchMessageA
IsWindowEnabled
GetDCEx
CallNextHookEx

Sections

.rdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 571B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b70e9041b00cc982cb15a863eca1b19

Headers

File Characteristics

Imports

shell32

advapi32

ole32

shlwapi

comdlg32

msvcrt

gdi32

kernel32

version

user32

Sections

.rdata Size: 30KB - Virtual size: 30KB

.bss Size: 47KB - Virtual size: 46KB

.init Size: 6KB - Virtual size: 6KB

BSS Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 571B

.rdata
Size: 30KB - Virtual size: 30KB

.bss
Size: 47KB - Virtual size: 46KB

.init
Size: 6KB - Virtual size: 6KB

BSS
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 571B