e3c7a712d0aa4db4b62ca2a2abc3af89_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e3c7a712d0aa4db4b62ca2a2abc3af89_JaffaCakes118
Size

396KB
MD5

e3c7a712d0aa4db4b62ca2a2abc3af89
SHA1

80ebc294329a7d40e6ac13feedf0b5554fdf8a38
SHA256

c46d526ed752a808427220c412135972ed2fbfac2476b9fcd6b74b330e4dc9a3
SHA512

814df1437244043bfd5a7803b208695badc87b3a862f24f25b838b8eaee82c91314d5fdd2f52286494fd2499da48a1efb4738235eddc94bd04b7dc14d4cde8fb
SSDEEP

6144:Z0sTdSkul5CpfZsu43jx0HdEouuj5axxn7JCpIKxZU/bc92A6mJOl:qG7pfZsu43d0HdEFuj5EpNbWAcsoOl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e3c7a712d0aa4db4b62ca2a2abc3af89_JaffaCakes118

Files

e3c7a712d0aa4db4b62ca2a2abc3af89_JaffaCakes118
.exe windows:4 windows x86 arch:x86

01ece61e4ccf11d7b346e3e7d3e9f105

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetClassNameA
GetShellWindow
wsprintfW

urlmon

CoInternetCombineUrl

pdh

PdhGetCounterInfoW

ntdsapi

DsFreeSpnArrayA

comdlg32

PageSetupDlgW
ChooseColorA

setupapi

SetupBackupErrorA

kernel32

GetTapeStatus
DeleteTimerQueue
GetFirmwareEnvironmentVariableA
CreateThread
lstrlenA
GetModuleFileNameA
SetFirmwareEnvironmentVariableA
GetCommandLineA
GetModuleHandleA
HeapWalk

imm32

ImmDestroyContext

ole32

HMENU_UserUnmarshal

msvcrt

memcpy
wcstoul
isalnum

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

HunyjzY
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

:EA?PHuF
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

%u_^
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

;4H;
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01ece61e4ccf11d7b346e3e7d3e9f105

Headers

File Characteristics

Imports

user32

urlmon

pdh

ntdsapi

comdlg32

setupapi

kernel32

imm32

ole32

msvcrt

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 268KB

DATA Size: 196KB - Virtual size: 195KB

HunyjzY Size: 16KB - Virtual size: 12KB

:EA?PHuF Size: 16KB - Virtual size: 15KB

%u_^ Size: 36KB - Virtual size: 32KB

;4H; Size: 28KB - Virtual size: 27KB

.crt Size: 12KB - Virtual size: 9KB

.rsrc Size: 68KB - Virtual size: 64KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 268KB

DATA
Size: 196KB - Virtual size: 195KB

HunyjzY
Size: 16KB - Virtual size: 12KB

:EA?PHuF
Size: 16KB - Virtual size: 15KB

%u_^
Size: 36KB - Virtual size: 32KB

;4H;
Size: 28KB - Virtual size: 27KB

.crt
Size: 12KB - Virtual size: 9KB

.rsrc
Size: 68KB - Virtual size: 64KB