e9c3b893f61571192e17aa780b45843a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e9c3b893f61571192e17aa780b45843a_JaffaCakes118
Size

326KB
MD5

e9c3b893f61571192e17aa780b45843a
SHA1

b22511ce480f298a4b9726268def46b1417762ef
SHA256

38799aa21b626a61247d9ddedec064a8bba81065718ca03b015beb49bf0d7dcb
SHA512

51d577200182ff6fcb5f8006aab751265b167044a9abe7406a3f97bddd418f103d0dc311cc276a93aacd0d888c1f94534605edfeec9bed3cd2907b905ac3f5b4
SSDEEP

6144:aOxhuxWQY+rJsMNgteOQj8JIW9Wqmbjx1AJr5:aOjuxWQYsnKo3j8NWbt1AD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9c3b893f61571192e17aa780b45843a_JaffaCakes118

Files

e9c3b893f61571192e17aa780b45843a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c97a3fc7d05f9efd96a240f748c08ba5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Day\Speed\Day\Laugh\know\fat\south\through\Ohnecessary.pdb

Imports

kernel32

SetFilePointer
FlushFileBuffers
SetEndOfFile
CreateFileA
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapReAlloc
HeapSize
TerminateProcess
WriteFile
HeapCreate
VirtualFree
IsBadWritePtr
SetUnhandledExceptionFilter
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
ReadFile
GetOEMCP
GetCPInfo
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
lstrcatA
lstrcmpW
GetModuleHandleA
GetProcAddress
lstrcpyA
GetCurrentThreadId
GlobalFlags
lstrcmpA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GetModuleFileNameA
InterlockedIncrement
InterlockedDecrement
SetLastError
GlobalFree
FindResourceA
LoadResource
LockResource
SizeofResource
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
FindFirstChangeNotificationA
FindNextChangeNotification
CloseHandle
GetNativeSystemInfo
PrepareTape
VirtualProtectEx
SetFileAttributesA
CreateProcessA
LoadLibraryA
GetCurrentProcess
SetEvent
lstrlenA
lstrcmpiA
GetVersion
DeleteCriticalSection
InitializeCriticalSection
GetLastError
RaiseException
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
HeapDestroy
InterlockedExchange

user32

PostMessageA
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
DefWindowProcA
CallWindowProcA
IsIconic
GetWindowPlacement
CopyRect
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowPos
SetWindowLongA
GetDlgItem
SetWindowsHookExA
CallNextHookEx
DispatchMessageA
GetMenu
PeekMessageA
ValidateRect
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetFocus
GetWindowTextA
SetWindowTextA
GetClassNameA
SendMessageA
MessageBoxA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
LoadCursorA
GetSystemMetrics
GetDC
ReleaseDC
PostQuitMessage
DestroyMenu
GetSysColor
GetSysColorBrush
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
UnregisterClassA
GetClientRect
SetForegroundWindow
GetKeyState
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
SystemParametersInfoA

gdi32

SetMapMode
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
DeleteObject
GetDeviceCaps

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

comctl32

ord17

oleaut32

VariantClear
VariantInit
VariantChangeType

oleacc

CreateStdAccessibleObject
LresultFromObject

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c97a3fc7d05f9efd96a240f748c08ba5

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winspool.drv

comctl32

oleaut32

oleacc

Sections

.text Size: 94KB - Virtual size: 93KB

.rdata Size: 96KB - Virtual size: 95KB

.data Size: 85KB - Virtual size: 110KB

.rsrc Size: 33KB - Virtual size: 33KB

.reloc Size: 17KB - Virtual size: 16KB

.text
Size: 94KB - Virtual size: 93KB

.rdata
Size: 96KB - Virtual size: 95KB

.data
Size: 85KB - Virtual size: 110KB

.rsrc
Size: 33KB - Virtual size: 33KB

.reloc
Size: 17KB - Virtual size: 16KB