e9d26254e2b94a73ecd56458c037cdd7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e9d26254e2b94a73ecd56458c037cdd7_JaffaCakes118
Size

528KB
MD5

e9d26254e2b94a73ecd56458c037cdd7
SHA1

125d6e151f34c6e1f61c0ddec9490a6613a764f3
SHA256

e8455d5facdd45a2717a327b1a52e3e629783d93614d45cb965486717a42046b
SHA512

a88e3d20516731510780d8d5020d742714b3a82e08ee93593089f1f708dcc514021cf0c90a0da691c04a2ea989d31e271d3f3781e41a3d1a247a598811969492
SSDEEP

12288:qbGSyyVHQl+ykrgjtOHj5OKimSaViQjkghiro:ZSyyVHQ4pry8jDSnEiM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9d26254e2b94a73ecd56458c037cdd7_JaffaCakes118

Files

e9d26254e2b94a73ecd56458c037cdd7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5e04bb801f94c0304885536cdac5e96c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

m:\

Imports

shell32

DragAcceptFiles
InternalExtractIconListW
ExtractIconW
SHLoadInProc
SHGetFileInfoA

comctl32

CreateUpDownControl
ImageList_Draw
ImageList_SetImageCount
ImageList_DrawIndirect
ImageList_Duplicate
ImageList_DrawEx
CreatePropertySheetPageW
ImageList_SetOverlayImage
ImageList_LoadImageA
ImageList_Add
ImageList_AddMasked
ImageList_GetBkColor
DrawStatusTextA
ImageList_DragEnter
DrawStatusText
CreatePropertySheetPageA
DrawInsert
ImageList_SetIconSize
ImageList_Merge
ImageList_LoadImageW
CreateToolbar
ImageList_Remove
InitMUILanguage
InitCommonControlsEx
CreateToolbarEx

kernel32

RtlUnwind
TlsFree
IsValidCodePage
FindResourceW
GetLocaleInfoA
UnhandledExceptionFilter
FreeEnvironmentStringsW
EnumSystemLocalesA
SetLastError
SetFilePointer
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
GetCalendarInfoA
SetComputerNameA
VirtualAlloc
GetProcessHeaps
CreateSemaphoreA
CloseHandle
GetDateFormatA
TlsGetValue
GetTickCount
GetLocaleInfoW
FreeEnvironmentStringsA
GetCurrentThreadId
SetConsoleCtrlHandler
GetCurrentThread
CreateMutexA
Sleep
SetUnhandledExceptionFilter
LeaveCriticalSection
LCMapStringA
WriteConsoleA
ExitProcess
InterlockedIncrement
SetEnvironmentVariableA
MapViewOfFile
GetCPInfo
CreateEventA
GetConsoleCP
HeapSize
GetTimeFormatA
OpenMutexA
GetEnvironmentStringsW
FreeLibrary
CreateToolhelp32Snapshot
MultiByteToWideChar
GetWindowsDirectoryW
GetSystemTimeAsFileTime
GetProcAddress
IsDebuggerPresent
GetTimeZoneInformation
GetACP
LocalReAlloc
VirtualQuery
GetLastError
GetModuleFileNameA
GetFileTime
WriteFile
CompareStringA
CompareStringW
HeapCreate
LoadLibraryA
ReadConsoleInputA
DeleteCriticalSection
WideCharToMultiByte
GetOEMCP
InterlockedExchange
HeapReAlloc
GetModuleHandleA
GetCurrentProcessId
HeapDestroy
QueryPerformanceCounter
GetEnvironmentStrings
TlsAlloc
OpenSemaphoreA
GetStringTypeW
VirtualFree
GetConsoleMode
HeapFree
GetStringTypeA
TlsSetValue
EnterCriticalSection
GetUserDefaultLCID
GetNamedPipeInfo
HeapAlloc
WaitNamedPipeW
GetStartupInfoA
WriteConsoleW
GetModuleHandleW
SetHandleCount
LCMapStringW
GetCommandLineA
SetStdHandle
TerminateProcess
FlushFileBuffers
GetConsoleOutputCP
ReadFile
GetPrivateProfileStringW
CreateMailslotW
GetFileType
GetCurrentProcess
IsValidLocale
AddAtomW
GetStdHandle
CreateFileA
ResetEvent
WriteConsoleOutputA

gdi32

PlgBlt
ExtCreateRegion

user32

RegisterClassExA
DestroyAcceleratorTable
ChangeMenuA
IsDialogMessageW
DialogBoxParamW
SetUserObjectInformationA
CascadeWindows
SetPropW
DestroyCursor
IsRectEmpty
GetSysColor
GetWindowDC
FindWindowW
AdjustWindowRect
VkKeyScanW
PostQuitMessage
RegisterClassA
DdeFreeStringHandle
DdeReconnect

wininet

InternetCrackUrlA
FindFirstUrlCacheContainerW

Sections

.text
Size: 362KB - Virtual size: 362KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e04bb801f94c0304885536cdac5e96c

Headers

File Characteristics

PDB Paths

Imports

shell32

comctl32

kernel32

gdi32

user32

wininet

Sections

.text Size: 362KB - Virtual size: 362KB

.rdata Size: 47KB - Virtual size: 50KB

.data Size: 106KB - Virtual size: 105KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 362KB - Virtual size: 362KB

.rdata
Size: 47KB - Virtual size: 50KB

.data
Size: 106KB - Virtual size: 105KB

.rsrc
Size: 12KB - Virtual size: 11KB