e7aad826559c8448cd8ba9f53f401182_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e7aad826559c8448cd8ba9f53f401182_JaffaCakes118
Size

128KB
MD5

e7aad826559c8448cd8ba9f53f401182
SHA1

2ddd654437a48974f241f81a9d645a7374b82bec
SHA256

1a45085e959a449637a89174b1737f4d03d7e73dd7acfa3cfb96042a735cf400
SHA512

82782d6e26fad2175c0aa9cf23e056ea8ca031693a9720141c0e8db9b3cd985a5edeb3a59cabf7a13b0ff8a8be54393cea49130c69c0d9e50a896dd982406d4f
SSDEEP

3072:9odfYj0xJPUCFL+Giuc6rcKiQc4hNguXAMMXEH387J/Xe:uNYWPxFLwwcBchNPZbHsp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e7aad826559c8448cd8ba9f53f401182_JaffaCakes118

Files

e7aad826559c8448cd8ba9f53f401182_JaffaCakes118
.exe windows:4 windows x86 arch:x86

34073180b302d6293a6d1bd5e321b002

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmGetConversionListW
ImmGetDescriptionW
ImmEnumRegisterWordW
ImmRegisterWordW
ImmGetDescriptionA
ImmGetIMEFileNameA
ImmGetCandidateListW
ImmGetStatusWindowPos
ImmInstallIMEA
ImmGetCompositionFontA
ImmConfigureIMEW
ImmGetCompositionStringA
ImmSetCompositionFontW

gdi32

EnumFontFamiliesA
GetClipRgn
CreateFontIndirectA
GetCharWidthA
GetBitmapBits
ExtFloodFill
CreatePen
RealizePalette
CreateFontW
SetDIBColorTable
GetSystemPaletteEntries
CloseEnhMetaFile
ScaleViewportExtEx
SaveDC
CreateEllipticRgn
SetDeviceGammaRamp
RestoreDC
DPtoLP
GetTextFaceA
GetObjectA
PolyBezier
CreateICA
SetTextAlign
GetBrushOrgEx
GetRgnBox
GetTextColor
StartDocA
Chord
CreateMetaFileA
CreateRectRgn
GetEnhMetaFilePaletteEntries

advapi32

RegSetValueA
OpenSCManagerW
EnumServicesStatusA
GetSidIdentifierAuthority
AdjustTokenPrivileges
CopySid
RegCreateKeyExW
GetSidSubAuthority
ReadEventLogW
LsaFreeMemory
GetEffectiveRightsFromAclW
ReportEventW
CreateServiceW
RegQueryInfoKeyW
RegEnumKeyExA
LookupPrivilegeValueW
OpenServiceA
SetServiceStatus

version

GetFileVersionInfoA
VerQueryValueA
VerInstallFileA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
GetFileVersionInfoW

urlmon

RegisterFormatEnumerator
RegisterBindStatusCallback
RegisterMediaTypes
FindMimeFromData
CoInternetGetProtocolFlags
CoInternetCreateSecurityManager

kernel32

LocalFlags
GetCalendarInfoW
LoadLibraryW

msvcrt

_controlfp
_snwscanf
__set_app_type
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p__fmode
_ltoa
_ctime64
log
_acmdln

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34073180b302d6293a6d1bd5e321b002

Headers

File Characteristics

Imports

imm32

gdi32

advapi32

version

urlmon

kernel32

msvcrt

Sections

.text Size: 56KB - Virtual size: 52KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 121KB

.rsrc Size: 56KB - Virtual size: 55KB

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 121KB

.rsrc
Size: 56KB - Virtual size: 55KB