JaffaCakes118_7677aa611e1bdb53f3914015560502b9

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_7677aa611e1bdb53f3914015560502b9
Size

88KB
MD5

7677aa611e1bdb53f3914015560502b9
SHA1

3f319144957a041a1ba8271f8598730c10c9bce2
SHA256

6af960cced770de8745f403bfb8893ea0df44c1128a7b507e79504d0714e47f2
SHA512

2047f942dff9b94202f12844394ae97b0d30a4b5636a931ff13e12e1b71367a1d47b2d422868029348c193a36f9bc60cd9ab82fa3d821fe8a83900c2a3e75a6d
SSDEEP

1536:mO/dfDsm4Mb8ClTm7jvLoJs8lXAnsbnstYDWGCq2iW7z:fbq7linstY6GCH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_7677aa611e1bdb53f3914015560502b9

Files

JaffaCakes118_7677aa611e1bdb53f3914015560502b9
.exe windows:4 windows x86 arch:x86

e8c478c0ee0171a78e425f16cffc45bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Code\office\SetupUtility\EAPInstall\Release\EAPInstall.pdb

Imports

setupapi

SetupCopyOEMInfW

kernel32

FreeEnvironmentStringsW
GetLastError
LocalFree
FormatMessageW
GetModuleFileNameW
CopyFileA
GetWindowsDirectoryA
GetProcAddress
GetModuleHandleW
LoadLibraryW
SetConsoleTitleW
CreateFileA
CloseHandle
HeapSize
WriteConsoleW
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
RtlUnwind
SetFilePointer
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
LoadLibraryA
InitializeCriticalSection
VirtualAlloc
HeapReAlloc
FlushFileBuffers
SetStdHandle
WriteConsoleA
GetConsoleOutputCP

user32

MessageBoxW

ole32

CoUninitialize
CoCreateInstance
CoInitialize
CoTaskMemFree

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

�b1��u�
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e8c478c0ee0171a78e425f16cffc45bb

Headers

File Characteristics

PDB Paths

Imports

setupapi

kernel32

user32

ole32

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 2KB

�b1��u� Size: 20KB - Virtual size: 20KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 2KB

�b1��u�
Size: 20KB - Virtual size: 20KB