e8f783356efa246f1455c68edb13863e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e8f783356efa246f1455c68edb13863e_JaffaCakes118
Size

28KB
MD5

e8f783356efa246f1455c68edb13863e
SHA1

e1a6702758968088b9751638dfd6a6ee8a263c36
SHA256

7e0b193270f472519d7b002e9b32471a42d6df8d171451e5c9a9567fa8aef433
SHA512

16e5bef4ca8c9c3e41cc8c5a925ef4964fa75dd1556df28fabc6a832cf2ec6833be6a61ad5979d38481596ea57687602be643997c9713b61be0f4920b19d0184
SSDEEP

384:T4ciTnpnYz6/+qTIWofcw86mOWO1f3tI/jDPvFcCeEsiWPBX8CaDhslT1SpJQJyG:kFnpxTTIWscwIOrODPCKsjPBsSN1SQE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e8f783356efa246f1455c68edb13863e_JaffaCakes118

Files

e8f783356efa246f1455c68edb13863e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

034ad5c33129db6cd2dcacfc9472f0c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
HeapValidate
WriteConsoleOutputW
CreateEventA
GetFullPathNameW
FileTimeToSystemTime
WaitForMultipleObjects
lstrcmpA
GetModuleHandleA
GetProcessHeap
lstrcmpiW
DosDateTimeToFileTime
VirtualFree
InterlockedCompareExchange
InitializeCriticalSection
GetLastError
CreateTapePartition
GetLocalTime
GetFileAttributesA
GetDiskFreeSpaceExA
GetThreadContext
GetCommandLineW
GetDateFormatW
GetTempFileNameA
GetFileAttributesExA
SetConsoleOutputCP
GetStartupInfoW
GetFullPathNameA
ConvertDefaultLocale
SetConsoleScreenBufferSize
lstrlenA
ExitThread
GetCPInfoExA
VirtualAlloc
IsValidLocale
lstrcmpiA
lstrcmpW
FindResourceA
FindResourceW
ExitProcess
GetDiskFreeSpaceA
GetModuleHandleW
GetStdHandle
GetTickCount
SetErrorMode

advapi32

GetUserNameW
RegReplaceKeyA
BuildTrusteeWithSidW
CreateProcessAsUserW
SetSecurityDescriptorOwner
RegQueryValueExA
CopySid
BuildExplicitAccessWithNameA
ControlService
CryptDeriveKey
QueryServiceObjectSecurity
GetTrusteeNameW
BackupEventLogA
RegSaveKeyA
RegGetKeySecurity
GetUserNameA
SetPrivateObjectSecurity
GetFileSecurityW
ConvertSecurityDescriptorToAccessW
GetNamedSecurityInfoExA
CryptSetProviderExA
FindFirstFreeAce

gdi32

GetTransform
GetLogColorSpaceA
SetTextAlign
GetArcDirection
GetCharABCWidthsA
GetDIBits
DeleteObject
EnumFontsW
GetObjectType
GetClipRgn
FrameRgn
CancelDC
SetLayout
GetPixel
GetMiterLimit
GetEnhMetaFileA
GdiGetBatchLimit
ExtSelectClipRgn
SelectPalette
SetLayout
GetTextCharset
GetROP2
GetCurrentPositionEx
GetEnhMetaFilePaletteEntries
GetTextMetricsA
GdiFlush
CreateRectRgnIndirect
GetObjectA

user32

wvsprintfA
SendNotifyMessageA
GetUserObjectInformationA
GetScrollRange
GetTopWindow
wsprintfA
DdeNameService
IsDlgButtonChecked
WaitMessage
DestroyIcon
GetUpdateRgn
ChangeDisplaySettingsA
BringWindowToTop
SystemParametersInfoA
CreateDialogIndirectParamW
CreateCaret
EnableMenuItem
OpenIcon
OffsetRect
GetMenuBarInfo
CreateDialogIndirectParamA
WinHelpW
FlashWindowEx
GetMenuDefaultItem
CharToOemBuffW
ReplyMessage
GetNextDlgGroupItem
ModifyMenuW
GetWindowModuleFileNameW
IntersectRect
MapVirtualKeyExW
LoadBitmapW
GetPriorityClipboardFormat

msvcrt

__argc
ispunct
_mbsnbset
vfwprintf
_getch
__pxcptinfoptrs
_safe_fprem1
_acmdln
clock
_futime
_popen
_ismbcalnum
__p___argc
_cabs
_getdllprocaddr
_wexeclpe
_mbsbtype
_wputenv
getenv
_controlfp
__getmainargs
_ismbcalpha
_winver
_CIasin
_wcsnicmp
_execve
wcstoul
_except_handler3
_wrename
printf
_mbcjmstojis
_chsize
difftime
_heapchk
memset
_mbstok
_swab
_dup2
_fpreset
isupper
_mbsicmp
_wcsnicoll
_sys_errlist
_mbccpy
_jn
_putenv
_execle
_lrotr
_getw

ole32

UtConvertDvtd32toDvtd16
HMETAFILE_UserFree
CLIPFORMAT_UserSize
OleConvertIStorageToOLESTREAM
OleDoAutoConvert
HWND_UserSize
CoQueryClientBlanket
IsValidPtrIn
OleCreateFromDataEx
HPALETTE_UserMarshal
CoDisconnectObject
CoLockObjectExternal
HPALETTE_UserUnmarshal
HBRUSH_UserFree
EnableHookObject
CreateDataAdviseHolder

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.dyg
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oaag
Size: 3KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bxt
Size: 3KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

034ad5c33129db6cd2dcacfc9472f0c6

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

user32

msvcrt

ole32

Sections

.text Size: 15KB - Virtual size: 15KB

.dyg Size: 5KB - Virtual size: 10KB

.oaag Size: 3KB - Virtual size: 9KB

.bxt Size: 3KB - Virtual size: 23KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 15KB - Virtual size: 15KB

.dyg
Size: 5KB - Virtual size: 10KB

.oaag
Size: 3KB - Virtual size: 9KB

.bxt
Size: 3KB - Virtual size: 23KB

.reloc
Size: 1024B - Virtual size: 1KB