ec5c3337ba31fe209a71714f37dd3601_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ec5c3337ba31fe209a71714f37dd3601_JaffaCakes118
Size

534KB
MD5

ec5c3337ba31fe209a71714f37dd3601
SHA1

5ab6fede86030ed0208cc4acc413c4992d432692
SHA256

7bc48f960c2732320377df26af39aab981dbefcad4651c42d5130079bf0a25a5
SHA512

275c9c190543306f390296ce890a5347233c821f6ee1e391d8d93167b79d56047e9b0fbe7dd460e01d6e4650f41369d9bd3e9c606f9706bd1b022fdd4c858ba5
SSDEEP

6144:CepbZrKqkcET0VypCH1garAaC8zBFPPURGQGbaNm03dgXhkw29ib5szXyDoFYdNI:ll5kPEuax9PURTWaU0yXhk39UgiKJ60

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec5c3337ba31fe209a71714f37dd3601_JaffaCakes118

Files

ec5c3337ba31fe209a71714f37dd3601_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3b299d057d56c129e76794e0fd0e2d30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\oee\kootws\elioqooitf\gtrwk.pdb

Imports

kernel32

SetConsoleCtrlHandler
HeapReAlloc
IsValidCodePage
GetCPInfo
FoldStringW
LeaveCriticalSection
InitializeCriticalSection
GetProcessHeap
GetStringTypeA
CompareStringW
CreateMutexA
OpenMutexA
GetTimeZoneInformation
WriteConsoleW
SetLastError
GetModuleHandleA
WriteConsoleA
TlsGetValue
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetDateFormatA
VirtualFree
GetLastError
GetCurrentThread
ReadFile
GetCommandLineW
LCMapStringW
GetFileType
SetEnvironmentVariableA
GetCommandLineA
GetCurrentProcessId
SetStdHandle
CreateFileA
GetLocaleInfoA
Sleep
IsDebuggerPresent
UnhandledExceptionFilter
FreeLibrary
EnterCriticalSection
GetTickCount
GetCurrentProcess
WideCharToMultiByte
GetConsoleOutputCP
GetTimeFormatA
LoadLibraryA
FlushFileBuffers
InterlockedExchange
InterlockedIncrement
InterlockedDecrement
CompareStringA
QueryPerformanceCounter
ExitProcess
CloseHandle
GetStdHandle
EnumSystemLocalesA
WriteFile
HeapSize
VirtualAlloc
SetFilePointer
GetConsoleCP
GetOEMCP
HeapDestroy
FreeEnvironmentStringsW
GetStartupInfoA
GetLocaleInfoW
TlsFree
GetCurrentThreadId
HeapFree
TlsAlloc
TerminateProcess
GetEnvironmentStringsW
GetUserDefaultLCID
GetProcAddress
HeapAlloc
GetModuleFileNameW
GetStringTypeW
GetConsoleMode
MultiByteToWideChar
RtlUnwind
IsValidLocale
GetACP
GetEnvironmentStrings
GetVersionExA
LCMapStringA
SetHandleCount
HeapCreate
VirtualQuery
FreeEnvironmentStringsA
GetModuleFileNameA
TlsSetValue
DeleteCriticalSection
GetStartupInfoW

user32

RegisterClassExA
CreateWindowExW
SendIMEMessageExA
ShowWindow
RegisterClassA
MessageBoxA

gdi32

SetMetaFileBitsEx
FixBrushOrgEx
CreateDCW
PolyTextOutW
SetMagicColors
GetFontLanguageInfo
CreateDIBSection
GetTextFaceA
GetTextCharsetInfo
GetMetaFileW
CreatePen
gdiPlaySpoolStream
GetDeviceCaps
GetColorAdjustment
ExtTextOutA
SetAbortProc
CloseEnhMetaFile
PathToRegion
DeleteDC
PolyDraw
CreatePolyPolygonRgn
EnumFontsW
CreateDIBPatternBrushPt

advapi32

RegDeleteValueW
CryptEnumProvidersA
LookupPrivilegeNameW
CryptSetProviderA
RevertToSelf
LookupAccountSidA
CryptCreateHash
RegCreateKeyA
CryptSetProviderExW

comctl32

InitCommonControlsEx

Sections

.text
Size: 378KB - Virtual size: 377KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b299d057d56c129e76794e0fd0e2d30

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

comctl32

Sections

.text Size: 378KB - Virtual size: 377KB

.rdata Size: 28KB - Virtual size: 39KB

.data Size: 106KB - Virtual size: 106KB

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 378KB - Virtual size: 377KB

.rdata
Size: 28KB - Virtual size: 39KB

.data
Size: 106KB - Virtual size: 106KB

.rsrc
Size: 20KB - Virtual size: 20KB