ec39439b8af0ac602bffac67e07e9abe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ec39439b8af0ac602bffac67e07e9abe_JaffaCakes118
Size

628KB
MD5

ec39439b8af0ac602bffac67e07e9abe
SHA1

b9e625e07db6ea98ded92d732f6a8ebcd0afbb67
SHA256

dcae625cae9f43f5a62c580465357406da32388aa1429730eaaba7714288583f
SHA512

ee5121bdc2cb6a566a326dc75516c77ddf48210dcce60258dfb6ba7ff4242df1193344df475539c314ec17cf741e6b23f917fbb79c541203895da895c8135cbc
SSDEEP

12288:pTX2+hItWnKd8TkF0wKYuqIPrFgsB80FdaGmCKAVjA:p72OItWnKuT9XwIPrasBV8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec39439b8af0ac602bffac67e07e9abe_JaffaCakes118

Files

ec39439b8af0ac602bffac67e07e9abe_JaffaCakes118
.exe windows:5 windows x86 arch:x86

35d8ab0d29857f8aa7b65eee4a82e173

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysAllocString
VariantInit
VariantClear

kernel32

GetCurrentThreadId
GetModuleHandleW
GetACP
lstrcpynA
CloseHandle
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
GetCurrentThread
InterlockedCompareExchange
GetCommandLineA
HeapSize
GetCPInfo
GetCommandLineW
LockResource
GetCurrentProcessId
WritePrivateProfileStringA
GetEnvironmentStrings
FileTimeToLocalFileTime
CreateProcessW
GetShortPathNameA
lstrlenW
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
FindNextFileW
LCMapStringA
FindResourceW
GetConsoleCP
GlobalFree
lstrlenA
GetSystemInfo
UnmapViewOfFile
LCMapStringW
GetLastError
InterlockedIncrement
HeapAlloc
TlsSetValue
GetFileType
CreateEventA
CreateFileW
CreateEventW
GlobalLock
WaitForMultipleObjects
DuplicateHandle
FindFirstFileW
CreateFileMappingA
ResetEvent
CompareStringA
GetDiskFreeSpaceA
FindFirstFileA
lstrcmpA
CompareStringW
GetProcessHeap
GetProcAddress
DeleteFileW
SetEvent
GetEnvironmentVariableA
GetWindowsDirectoryA
DeleteFileA
CreateDirectoryA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
IsBadWritePtr
GetTickCount
QueryPerformanceCounter
FreeLibrary
LoadLibraryW
SetStdHandle
EnterCriticalSection
HeapFree
WriteConsoleW
SetCurrentDirectoryA
LeaveCriticalSection
GetVersion
SetEndOfFile
GetConsoleMode
GlobalAlloc
WriteConsoleA
SetUnhandledExceptionFilter
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
MulDiv
CreateFileA
SetFileAttributesA
CreateThread
GetModuleHandleA
CreateMutexA
GetLocalTime
MultiByteToWideChar
LoadLibraryExW
UnhandledExceptionFilter
GetModuleFileNameA
FlushFileBuffers
ExitProcess
IsDebuggerPresent
VirtualProtect
GetModuleFileNameW
InitializeCriticalSection
SetLastError
OutputDebugStringA
FormatMessageA
InterlockedDecrement
SizeofResource
LoadResource
GetTimeZoneInformation
GetExitCodeProcess
FormatMessageW
LocalFree
GetOEMCP
GetFullPathNameA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
InterlockedExchange
GetStringTypeA
WideCharToMultiByte
lstrcmpiA
GetLocaleInfoW
lstrcpyA
FreeEnvironmentStringsW
SetErrorMode
lstrcatA
LocalAlloc
GetLocaleInfoA
GetCurrentDirectoryA
GetStartupInfoW
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapDestroy
FindNextFileA
GetDriveTypeA
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
RtlUnwind
CreateProcessA
TlsGetValue
lstrcmpiW
IsValidCodePage
HeapCreate
WriteFile
VirtualFree
Sleep
FindResourceA
VirtualAlloc
SetHandleCount
FindClose

user32

GetDlgItem
CreateWindowExA
PtInRect
GetWindowLongA
CheckMenuItem
SetWindowTextA
EndDialog
SetWindowLongA
ReleaseCapture
SetCapture
GetWindowRect
GetSystemMetrics
DefWindowProcA
ClientToScreen
BeginPaint
PeekMessageA
SetFocus
EndPaint
FillRect
SetTimer
GetSubMenu
RegisterClassA
EnableMenuItem
LoadStringA
GetWindow
TranslateMessage
EnableWindow
ShowWindow
GetFocus
UpdateWindow
GetParent
GetMessageA
DestroyWindow
GetKeyState
MoveWindow
GetClientRect
UnregisterClassA
ReleaseDC
GetCursorPos
GetDC
DispatchMessageA
IsWindow
SetWindowPos
LoadBitmapA
PostQuitMessage
MapWindowPoints
ScreenToClient
LoadCursorA
LoadIconA
GetDesktopWindow
SetForegroundWindow
MessageBoxA
DialogBoxParamA
GetSysColor
SystemParametersInfoA
IsWindowVisible
wsprintfA
DrawTextA
InvalidateRect
SendMessageA
CallWindowProcA
SetCursor

gdi32

SetBkColor
DeleteDC
SetTextColor
CreateCompatibleDC
CreateSolidBrush
GetDeviceCaps
DeleteObject

advapi32

RegDeleteValueA
RegCloseKey
RegOpenKeyExW
RegOpenKeyExA
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW

ole32

CoTaskMemFree
CoUninitialize
CoCreateInstance

Sections

.text
Size: 504KB - Virtual size: 501KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35d8ab0d29857f8aa7b65eee4a82e173

Headers

File Characteristics

Imports

oleaut32

kernel32

user32

gdi32

advapi32

ole32

Sections

.text Size: 504KB - Virtual size: 501KB

.rdata Size: 80KB - Virtual size: 77KB

.data Size: 32KB - Virtual size: 33KB

.rsrc Size: 8KB - Virtual size: 6KB

.text
Size: 504KB - Virtual size: 501KB

.rdata
Size: 80KB - Virtual size: 77KB

.data
Size: 32KB - Virtual size: 33KB

.rsrc
Size: 8KB - Virtual size: 6KB