e82cb749c79a2d88988c01f19eea0d45_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e82cb749c79a2d88988c01f19eea0d45_JaffaCakes118
Size

42KB
MD5

e82cb749c79a2d88988c01f19eea0d45
SHA1

312fcacacd4e34c89367e153d1c014029f348517
SHA256

18819f77f8e993187a6a1b5b7a82f797f6dfa559f7f5cff4be93c244d458a2b1
SHA512

749c0dd0097a9e59cc386be84a8b36f278ae81a90b2076b40c6fc89ac28816ad298801b4a59bf5dddf5d5b47a7ba2e4af4863187ad074166d2190b3d3b1e83fe
SSDEEP

768:s6r/dB/RPEbFLKX2P3CI7sr3Vh1x4oAmUc+88xM:5rdB/RPEFLKXy3CIIrL4xmB+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e82cb749c79a2d88988c01f19eea0d45_JaffaCakes118

Files

e82cb749c79a2d88988c01f19eea0d45_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ee2733cd84694ad8a58c82742590d804

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GetStdHandle
WaitForMultipleObjectsEx
DefineDosDeviceW
GetLastError
MapViewOfFile
FindAtomW
HeapAlloc
SetThreadContext
GetThreadLocale
GlobalAlloc

user32

SwitchToThisWindow
GetTabbedTextExtentA
SetMenuDefaultItem
GetClassNameW
MapWindowPoints
DefWindowProcW
SetDlgItemInt
DeleteMenu
AnimateWindow
DrawTextA
SendIMEMessageExW
SubtractRect
wsprintfW
GetClipboardFormatNameW
IsMenu
DdeConnect
DdeAddData
GetKeyboardLayoutNameW
DlgDirSelectComboBoxExW
EnableWindow
IsZoomed
DrawMenuBarTemp
EnumWindowStationsW
SendNotifyMessageW
GetDlgItemInt
DdeConnectList
TrackMouseEvent
SetPropA
GetDialogBaseUnits
ShowCaret
OffsetRect
ReleaseDC
IMPQueryIMEA
DlgDirSelectComboBoxExA
LockWindowStation
DefFrameProcW
UpdateLayeredWindow
DeferWindowPos
IsCharUpperW
LoadCursorFromFileW
InvalidateRgn
LockSetForegroundWindow
PostMessageW
CharToOemA
IsClipboardFormatAvailable
DdeDisconnect
GetClassInfoExW

gdi32

SetColorAdjustment
CreateHalftonePalette
CreateColorSpaceA
FillPath
SetStretchBltMode
GdiIsMetaPrintDC
OffsetWindowOrgEx
PtVisible
GetTextExtentExPointWPri
GdiTransparentBlt
EngDeleteSurface
STROBJ_bEnumPositionsOnly
DPtoLP
GetPath
GetObjectA
EnumICMProfilesA
EnumFontFamiliesW
GdiSetLastError
SwapBuffers
cGetTTFFromFOT
GetGlyphIndicesA

comdlg32

GetOpenFileNameW
PrintDlgA
ReplaceTextA
CommDlgExtendedError
GetFileTitleW
PageSetupDlgA
FindTextW
ChooseColorA

psapi

InitializeProcessForWsWatch
GetDeviceDriverFileNameA
GetModuleBaseNameA
GetDeviceDriverBaseNameA
GetModuleBaseNameW
GetDeviceDriverFileNameW
QueryWorkingSet
EnumProcesses
EnumProcessModules
GetProcessMemoryInfo
EmptyWorkingSet
GetDeviceDriverBaseNameW
GetMappedFileNameW
GetModuleFileNameExA
GetWsChanges
EnumDeviceDrivers
GetMappedFileNameA

comctl32

InitCommonControlsEx
DrawStatusText
CreateToolbarEx
FlatSB_GetScrollInfo
CreateStatusWindow
ImageList_SetImageCount
ImageList_GetImageRect
ImageList_BeginDrag
ImageList_Merge
FlatSB_GetScrollProp
ImageList_DrawIndirect
ImageList_SetFlags
ImageList_LoadImageA
ImageList_AddIcon
ImageList_Draw
ImageList_SetDragCursorImage
PropertySheetW
PropertySheet
ImageList_GetDragImage
MakeDragList
ImageList_DragMove
ImageList_ReplaceIcon
CreateStatusWindowW
CreateMappedBitmap

Sections

.text
Size: 4KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ee2733cd84694ad8a58c82742590d804

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

psapi

comctl32

Sections

.text Size: 4KB - Virtual size: 44KB

.data Size: 33KB - Virtual size: 36KB

.idata Size: 4KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 44KB

.data
Size: 33KB - Virtual size: 36KB

.idata
Size: 4KB - Virtual size: 4KB