JaffaCakes118_eae19cbb5b97ce045bf8ad23d80a867c

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_eae19cbb5b97ce045bf8ad23d80a867c
Size

401KB
MD5

eae19cbb5b97ce045bf8ad23d80a867c
SHA1

95e6566eaad49349988e38c39a112b32cd4120de
SHA256

7a38c053d7794b247abf495330b2c26e92825ef15c428e86b0e587e2ae264117
SHA512

0bd3761d4289ed7ffbeffd49dcd472106904eed5aa6b2ec7a0c2891de7e14a9feedcb293c74f5584781c191f208616add77f6b6480983b473b24d8adc49f011b
SSDEEP

6144:Q5VybgaUV4kgV4YHRBduhafN7FY7WXGNJ:6ybgvAxHweFY7WXm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_eae19cbb5b97ce045bf8ad23d80a867c

Files

JaffaCakes118_eae19cbb5b97ce045bf8ad23d80a867c
.exe windows:4 windows x86 arch:x86

b90ad766f05a0095e6c521f56485a931

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

OfficeDesktop.pdb

Imports

advapi32

RegCloseKey
RegOpenKeyExW

kernel32

RtlUnwind
GetLastError
GetVersion
VirtualFree
LeaveCriticalSection
InterlockedIncrement
HeapFree
GetACP
TlsAlloc
GetProcessHeap
InitializeCriticalSection
EnterCriticalSection
GetCPInfo
GetEnvironmentStrings
HeapReAlloc
UnhandledExceptionFilter
GetStringTypeA
GetModuleFileNameA
GetVersionExA
GetSystemTimeAsFileTime
LCMapStringW
CloseHandle
GetFileType
SetStdHandle
GetStdHandle
GetOEMCP
TlsFree
TerminateProcess
TlsSetValue
TlsGetValue
WideCharToMultiByte
ExitProcess
FreeEnvironmentStringsW
GetCurrentThreadId
InterlockedDecrement
WriteFile
HeapCreate
IsBadCodePtr
SetUnhandledExceptionFilter
GetStartupInfoA
GetEnvironmentStringsW
GetTickCount
GetStringTypeW
FreeEnvironmentStringsA
GetModuleHandleA
FlushFileBuffers
SetLastError
SetHandleCount
GetCommandLineA
DeleteCriticalSection
HeapDestroy
SetFilePointer
MultiByteToWideChar
GetCurrentProcess
IsBadReadPtr
LCMapStringA
GetEnvironmentVariableA
HeapAlloc

user32

LoadStringW
KillTimer
SetWindowPos
SetWindowRgn
ShowWindow
CreateWindowExW
RegisterClassW
GetMonitorInfoW
LoadAcceleratorsW
LoadCursorW
DefWindowProcW
GetWindowRect
PostQuitMessage
LoadIconW
PostMessageW
OffsetRect
EndPaint
GetWindowLongW
TranslateAcceleratorW
AnimateWindow
IsIconic
BeginPaint
GetMessageW
MonitorFromWindow
DispatchMessageW
TranslateMessage
SetTimer

gdi32

BitBlt
CreateCompatibleDC
DeleteObject
CreateRoundRectRgn

imm32

ImmGetContext
ImmReleaseContext

msimg32

GradientFill
AlphaBlend

ole32

DoDragDrop

shell32

DragFinish
DragAcceptFiles

winmm

PlaySoundW

winspool.drv

DocumentPropertiesW

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 336KB - Virtual size: 335KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b90ad766f05a0095e6c521f56485a931

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

kernel32

user32

gdi32

imm32

msimg32

ole32

shell32

winmm

winspool.drv

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 336KB - Virtual size: 335KB

.data Size: 20KB - Virtual size: 24KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 336KB - Virtual size: 335KB

.data
Size: 20KB - Virtual size: 24KB

.rsrc
Size: 12KB - Virtual size: 11KB