e7ecb3a9addec22813eb805fb72f18ef_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e7ecb3a9addec22813eb805fb72f18ef_JaffaCakes118
Size

37KB
MD5

e7ecb3a9addec22813eb805fb72f18ef
SHA1

13fb760aa836391e1ecb0eb46495bb9543ba4bfe
SHA256

e376e4c25a88e678039f5fd605ade61ea85d9e85b55b1e8cb1520dba608862df
SHA512

cc5bd2d92542c8c43097790a8f27c186cae5c1e937715942b5449a976c276d86fc29287e381722a29871b64f861f6114ce7cf8d9f0be4ada0c6874f999ca5280
SSDEEP

768:wQyamyW/I6+dhZ9go/RLOZ7xI4vQbEGitYsmwhYO:DjmFodp/+vQbl7sdaO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e7ecb3a9addec22813eb805fb72f18ef_JaffaCakes118

Files

e7ecb3a9addec22813eb805fb72f18ef_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2be2dbf064d3b71d26f35f0429c80189

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
CreateFileW
lstrcmpW
CreateEventW
DeleteCriticalSection
LoadLibraryW
HeapReAlloc
WritePrivateProfileSectionA
GlobalAlloc
GetProcAddress
GetProcessHeap
GetTempPathA
SetHandleCount
VirtualProtect
VirtualFree
GlobalSize
WaitForSingleObject
GetDriveTypeW
WritePrivateProfileSectionW
SetErrorMode
GetNumberFormatW
CreateEventA
LocalFileTimeToFileTime
lstrcpyW
GetComputerNameA
SystemTimeToFileTime
GetModuleHandleA
ExitThread
ReleaseMutex
DeleteFileW
OutputDebugStringW
GetVersionExA
FormatMessageW

msvcrt

_exit
memmove
strerror
rand
_controlfp
_CxxThrowException
wcstok
_onexit
_wcmdln
fprintf
malloc
__setusermatherr
wcsrchr
memset
_wcsnicmp
exit

user32

UnregisterClassW
CopyRect
RegisterWindowMessageW
SetDlgItemInt
DrawTextW
DrawEdge
GetMessageW
IntersectRect
SystemParametersInfoA
GetProcessWindowStation
GetSystemMenu
RegisterClassW
LoadCursorW
MsgWaitForMultipleObjects
FrameRect
SetWindowTextA
CreateDialogParamW
FillRect
PostThreadMessageW
IsWindowEnabled
PostMessageW
DefDlgProcW
wsprintfA
EnableWindow
SendDlgItemMessageW

gdi32

CreateRoundRectRgn
Rectangle
SelectObject
DeleteDC
DeleteObject
CreateCompatibleDC
GetObjectA
ExtTextOutW
CreateCompatibleBitmap
GetTextMetricsW
SelectPalette
GetTextExtentPointW
RealizePalette
SetStretchBltMode
GetRegionData
CreatePen
StretchBlt
SetTextAlign
SetWindowExtEx
CreateBitmap
MoveToEx

tapi32

lineAddProviderW
tapiRequestMediaCallA
phoneGetLamp
MMCInitialize
lineGetIDW
lineSetAgentMeasurementPeriod
phoneShutdown
lineCompleteCall

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 138B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2be2dbf064d3b71d26f35f0429c80189

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

tapi32

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 3KB - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 36B

.data Size: 51KB - Virtual size: 51KB

.edata Size: 39KB - Virtual size: 38KB

.rsrc Size: 33KB - Virtual size: 33KB

.reloc Size: 512B - Virtual size: 138B

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 3KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 36B

.data
Size: 51KB - Virtual size: 51KB

.edata
Size: 39KB - Virtual size: 38KB

.rsrc
Size: 33KB - Virtual size: 33KB

.reloc
Size: 512B - Virtual size: 138B