e7ccc46cec4956b90a79c579bbdbafa2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e7ccc46cec4956b90a79c579bbdbafa2_JaffaCakes118
Size

216KB
MD5

e7ccc46cec4956b90a79c579bbdbafa2
SHA1

e47427afee32884b57246b7c4213572b8b210729
SHA256

19648a27d088453855a6d1a1492d03d9dabe2ee56cc30fc27f5ba75e3dd1ebae
SHA512

a90522588a81e830ed6009ca408b3a2c3b593f9f914172f2fd0e9ba595a4162c2c7ff62f5e82dde62e91f123ad89d54493c9f590d019fc7c92290c7676230d37
SSDEEP

3072:XvoXZeQjU9Pu6Uc6dTKB/oCBjCozuZpvxlbxNFu1mo/g/w:/UeWU9m6n/oDpJlVW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e7ccc46cec4956b90a79c579bbdbafa2_JaffaCakes118

Files

e7ccc46cec4956b90a79c579bbdbafa2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4c5b8c6d33c00df1333bf23837811423

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
TerminateProcess
HeapFree
GetCommandLineA
RtlUnwind
GetStartupInfoA
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
GetACP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
GetTimeZoneInformation
FileTimeToLocalFileTime
FileTimeToSystemTime
LocalFree
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
FindResourceA
GetLastError
SetErrorMode
GetFileTime
GetFileSize
GetFileAttributesA
GetOEMCP
GetCPInfo
GetProcessVersion
WritePrivateProfileStringA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetCurrentProcess
DuplicateHandle
lstrcpynA
MulDiv
SetLastError
SizeofResource
LoadResource
VirtualAlloc
MultiByteToWideChar
WriteFile
LockResource
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameA
FreeLibrary
lstrlenA
LoadLibraryA
GlobalGetAtomNameA
GetVersion
lstrcatA
lstrcpyA
GlobalAddAtomA
GlobalFindAtomA
GlobalUnlock
GetModuleHandleA
GetProcAddress
GlobalFree
GlobalAlloc
GlobalLock
IsBadWritePtr
GlobalDeleteAtom
SetUnhandledExceptionFilter
VirtualFree
UnmapViewOfFile
IsBadReadPtr
CopyFileA
GetTempPathA
DeleteFileA
GetProfileStringA
MapViewOfFile
CreateFileMappingA
CreateFileA
CloseHandle

user32

IsDialogMessageA
SetWindowTextA
ShowWindow
ReleaseDC
GetDC
LoadStringA
DestroyMenu
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
CharUpperA
LoadCursorA
GetClassNameA
PtInRect
GetSysColorBrush
InflateRect
InvalidateRect
GetTopWindow
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetSubMenu
CopyRect
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
SetPropA
UnhookWindowsHookEx
GetPropA
GetMessageTime
GetForegroundWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
SetCursor
PostQuitMessage
PostMessageA
EnableWindow
GetMessagePos
ScreenToClient
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
GetWindowTextLengthA
GetMenuItemCount
GetMenuItemID
AppendMenuA
SendMessageA
LoadIconA
RemovePropA
CallWindowProcA
GetWindow
SetForegroundWindow
GetClassLongA
ExcludeUpdateRgn
DefDlgProcA
UnregisterClassA
IsWindowUnicode
CharNextA
ShowCaret
DrawFocusRect
HideCaret

gdi32

SetBkColor
GetObjectA
SetTextColor
DeleteDC
PatBlt
SaveDC
RestoreDC
GetStockObject
SelectObject
SetBkMode
SetMapMode
SetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetWindowExtEx
ScaleWindowExtEx
CreateBitmap
IntersectClipRect
DeleteObject
GetDeviceCaps
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateDIBitmap
CreateCompatibleDC
BitBlt
GetTextExtentPointA
GetClipBox

comdlg32

GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

comctl32

ImageList_Destroy
ImageList_Create
ImageList_ReplaceIcon
ord17

Sections

.text
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c5b8c6d33c00df1333bf23837811423

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

Sections

.text Size: 96KB - Virtual size: 93KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 8KB - Virtual size: 22KB

.rsrc Size: 68KB - Virtual size: 65KB

.text
Size: 96KB - Virtual size: 93KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 8KB - Virtual size: 22KB

.rsrc
Size: 68KB - Virtual size: 65KB