e85c39a8227558e40b41d92ecc85077c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e85c39a8227558e40b41d92ecc85077c_JaffaCakes118
Size

588KB
MD5

e85c39a8227558e40b41d92ecc85077c
SHA1

e6f37695c2507edcb199e261765c287881dc94bf
SHA256

b5bdea3af1998b43d6460eef4de7d8539344e38b7dceec138cedb18050d00bf3
SHA512

b97450acaa5f64d9c5990540623201b793e6d6c7f4d67b4b3a7bba3caafbde1525737988bbcb3305b52199873c93f1fa57c2856d8dc30ddc91c8ec9256c4d680
SSDEEP

12288:tPZjHmgFNRDb5+IuXH4clFQN0C5+CN4UtnVyrJ6weW:tPZHzRDl+Iu31l+X5+CN4UtUB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e85c39a8227558e40b41d92ecc85077c_JaffaCakes118

Files

e85c39a8227558e40b41d92ecc85077c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d8975a9e39ce2c9633c59d8e539d0eee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetComputerNameW
IsDebuggerPresent
GetProcessHeap
ExitProcess
GetStringTypeA
CreateDirectoryA
FreeLibrary
FlushFileBuffers
CommConfigDialogA
GetCurrentProcessId
SetHandleCount
GetVersionExA
Sleep
WriteConsoleW
AllocConsole
GetEnvironmentStrings
WritePrivateProfileSectionW
GetConsoleOutputCP
GetTimeZoneInformation
UnhandledExceptionFilter
InterlockedIncrement
GetCommandLineA
GetModuleHandleA
CreateMutexA
GlobalFree
LCMapStringA
SetWaitableTimer
SetFilePointer
IsValidCodePage
ExpandEnvironmentStringsW
WriteConsoleOutputCharacterW
GetDateFormatA
HeapReAlloc
WriteFile
TlsFree
SetEnvironmentVariableA
WideCharToMultiByte
SleepEx
VirtualQuery
InterlockedDecrement
GetStringTypeW
OpenWaitableTimerW
GetNamedPipeInfo
OpenMutexA
GetCommandLineW
CreateFileMappingW
GetFileType
GlobalUnlock
WaitForSingleObject
SetEvent
GetCurrentProcess
PulseEvent
EnterCriticalSection
GetSystemInfo
GetConsoleCP
EnumSystemLocalesA
SetThreadIdealProcessor
DeleteFileA
InitializeCriticalSection
HeapCreate
EnumDateFormatsExA
TlsAlloc
VirtualFree
GetVersion
SetUnhandledExceptionFilter
IsValidLocale
GetLastError
CompareStringW
GetCurrentThread
ReadConsoleA
SetStdHandle
GetTickCount
InterlockedCompareExchange
WriteConsoleA
CreateFileA
WriteConsoleInputA
GetDiskFreeSpaceExW
GetUserDefaultLCID
FileTimeToDosDateTime
GetStringTypeExA
CompareStringA
ReadFile
CreateToolhelp32Snapshot
HeapFree
VirtualAlloc
FreeEnvironmentStringsW
HeapSize
GetTimeFormatA
TlsGetValue
LeaveCriticalSection
SetLastError
GetModuleFileNameA
SetLocaleInfoW
GetProfileSectionW
FindAtomW
HeapAlloc
InterlockedExchange
GetEnvironmentStringsW
GetOEMCP
UnlockFileEx
FlushInstructionCache
SetEnvironmentVariableW
SetLocalTime
TerminateProcess
GetCPInfo
GetACP
GetProcAddress
GetWindowsDirectoryW
CloseHandle
GetStdHandle
FreeEnvironmentStringsA
GetStartupInfoA
TlsSetValue
HeapDestroy
LoadLibraryA
GetLocaleInfoW
GetConsoleMode
SetConsoleCtrlHandler
GetNumberFormatW
LCMapStringW
RtlUnwind
QueryPerformanceCounter
GetLocaleInfoA
GetCurrentThreadId
MultiByteToWideChar
GetSystemTimeAsFileTime
DeleteCriticalSection
SetConsoleOutputCP

user32

GetParent
PackDDElParam
OemToCharW
MonitorFromRect
SetWindowTextW
GrayStringW
GetClientRect
GetNextDlgGroupItem
CharLowerBuffW
AttachThreadInput
MonitorFromPoint
SetWindowsHookA
GetWindowPlacement
CreateWindowExA
GetMonitorInfoA
RegisterClassA
GetWindowInfo
GetUserObjectInformationW
GetMenu
CharToOemBuffA
CharToOemA
CheckRadioButton
CreateIconFromResourceEx
OpenIcon
GetWindowModuleFileNameA
PostQuitMessage
SetClassLongA
WindowFromDC
DrawTextA
IsCharLowerA
AnyPopup
RegisterClassExA
InvertRect
SendMessageW
DefWindowProcA
OpenWindowStationA
SetWinEventHook
BringWindowToTop
OemToCharBuffA
IsIconic
GetTabbedTextExtentW
MessageBoxW
CallWindowProcA
DestroyWindow
ShowWindow
TranslateAccelerator
SetClipboardViewer
SendMessageTimeoutA
InSendMessageEx
OemToCharBuffW
BeginDeferWindowPos
EnumPropsExA
GetMessageExtraInfo
FlashWindowEx
ModifyMenuW
InvalidateRgn

comctl32

CreateMappedBitmap
ImageList_LoadImage
CreatePropertySheetPage
InitMUILanguage
ImageList_GetBkColor
ImageList_LoadImageW
ImageList_GetFlags
ImageList_Read
InitCommonControlsEx
ImageList_Duplicate

Sections

.text
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8975a9e39ce2c9633c59d8e539d0eee

Headers

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 172KB - Virtual size: 169KB

.rdata Size: 256KB - Virtual size: 254KB

.data Size: 112KB - Virtual size: 116KB

.rsrc Size: 44KB - Virtual size: 43KB

.text
Size: 172KB - Virtual size: 169KB

.rdata
Size: 256KB - Virtual size: 254KB

.data
Size: 112KB - Virtual size: 116KB

.rsrc
Size: 44KB - Virtual size: 43KB