ec7bbe7b156f62eae4e122c3876a9552_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ec7bbe7b156f62eae4e122c3876a9552_JaffaCakes118
Size

44KB
MD5

ec7bbe7b156f62eae4e122c3876a9552
SHA1

89673f946205d651b13df686f67ea70db5181d5e
SHA256

a16730b140c27efeeff3375c354fbc4fff18ec2849e80567e0f5fa541d4b6836
SHA512

75eb65afc92149ddd5ab1d09259a0f4ad3188dc7855a4cb3b9ae5351dd57a5873d4a236f3cf5214c31297b1f9f186fe92ba9ccd81914a060d7269685aa814f6d
SSDEEP

768:7vvU0rbDkk6DQERZBcXf44oSdpTQdLd71gnV3gu7UR9RD6Y8LOR:zUfZDQIBcXf4EdpE9rAFUR9RD6Y4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec7bbe7b156f62eae4e122c3876a9552_JaffaCakes118

Files

ec7bbe7b156f62eae4e122c3876a9552_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b4afb0cfdf756756adadf24cc28af026

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ConnectNamedPipe
UnregisterWaitEx
TermsrvAppInstallMode
CreateFiber
VirtualUnlock
CreateFileMappingA
CompareFileTime
SetupComm
GetPrivateProfileSectionNamesW
PulseEvent
SetLocalTime
LCMapStringA
GetCurrentDirectoryA
EnumResourceTypesW
LockFile
CreateJobObjectW
DeleteFiber
VirtualProtect
SetConsoleInputExeNameA
DuplicateConsoleHandle
GetConsoleAliasExesLengthA
GetDiskFreeSpaceW
SetConsoleOutputCP
lstrcpynA
LocalReAlloc
VirtualLock
SetConsoleTitleW
FindNextChangeNotification
GetStringTypeW
VirtualAllocEx
MoveFileA
ReadFile
RegisterConsoleVDM
GlobalFree
OpenProfileUserMapping
SetThreadAffinityMask
GetProcessPriorityBoost
SetTimeZoneInformation
CreateWaitableTimerW
GetLastError
FindFirstFileW

user32

SetDlgItemInt
GetPropA
GetPriorityClipboardFormat
GetWindowTextLengthW
GetClassNameW
EnumDesktopsA
GetClassWord
IsDlgButtonChecked
IsZoomed
CallWindowProcA
IMPGetIMEW
GetInputState
CharUpperBuffW
LoadMenuIndirectA
CliImmSetHotKey
SetScrollInfo
DrawIcon
GetMenuItemRect
EnableWindow
SetWinEventHook
UpdateWindow
OemToCharW
PrivateExtractIconExA
CreateDesktopA
CharNextW
RegisterClipboardFormatA
CharPrevA
CreateIconIndirect
GetActiveWindow
IsIconic
PostQuitMessage
MsgWaitForMultipleObjectsEx
SetLayeredWindowAttributes
SetShellWindow
ModifyMenuW
DlgDirSelectComboBoxExW
DlgDirListComboBoxA
WinHelpW
SendMessageCallbackA
DrawAnimatedRects
AppendMenuW
CopyIcon
UnionRect
IsCharLowerA

gdi32

AnimatePalette
ChoosePixelFormat
ExtTextOutA
GdiEntry7
ResizePalette
AddFontResourceA
EngGradientFill
SetMapMode
EngQueryEMFInfo
CreateDCW
SetDCBrushColor
GdiCreateLocalEnhMetaFile
EngAlphaBlend
SetDIBits
EngUnicodeToMultiByteN
EngCreateDeviceSurface
SetArcDirection
EnumFontFamiliesExW
SetEnhMetaFileBits
ExtEscape
SetRelAbs
GetTransform
GetCharABCWidthsFloatA
EngStrokePath
GetETM
GetEnhMetaFileDescriptionW
CLIPOBJ_ppoGetPath
GdiSetServerAttr
SelectObject
GetPaletteEntries
SetVirtualResolution
GetGlyphOutlineWow
GdiAddGlsBounds
GdiEntry13
OffsetViewportOrgEx
GetEnhMetaFilePixelFormat
GetSystemPaletteEntries
FONTOBJ_pifi
EnumEnhMetaFile
GdiGetBatchLimit
EngFillPath

comdlg32

Ssync_ANSI_UNICODE_Struct_For_WOW
dwLBSubclass
ChooseColorA
PageSetupDlgA
GetOpenFileNameW
GetFileTitleW
ReplaceTextA
PrintDlgA
FindTextW
PrintDlgExW
CommDlgExtendedError
GetSaveFileNameW
ChooseFontA

psapi

EmptyWorkingSet
GetMappedFileNameA
EnumProcessModules
GetModuleBaseNameA
GetProcessMemoryInfo
InitializeProcessForWsWatch
GetDeviceDriverBaseNameW
GetModuleFileNameExW
GetDeviceDriverFileNameA
GetMappedFileNameW
GetDeviceDriverBaseNameA
GetModuleInformation
QueryWorkingSet
GetModuleFileNameExA
GetWsChanges
GetDeviceDriverFileNameW

comctl32

ImageList_GetDragImage
FlatSB_SetScrollProp
FlatSB_ShowScrollBar
CreateToolbarEx
ImageList_LoadImageA
CreatePropertySheetPageA
ImageList_DragMove
ImageList_BeginDrag
ImageList_Draw
ImageList_GetIcon
InitCommonControlsEx
FlatSB_GetScrollInfo
ImageList_AddIcon
CreateMappedBitmap
ImageList_EndDrag
ImageList_Merge
ImageList_GetImageRect
ImageList_Remove
DrawStatusText
MakeDragList
CreateStatusWindow
FlatSB_SetScrollInfo
FlatSB_GetScrollProp
CreateStatusWindowW
ImageList_DrawIndirect
ImageList_GetImageCount

Sections

.text
Size: 4KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b4afb0cfdf756756adadf24cc28af026

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

psapi

comctl32

Sections

.text Size: 4KB - Virtual size: 44KB

.data Size: 33KB - Virtual size: 36KB

.idata Size: 5KB - Virtual size: 8KB

.text
Size: 4KB - Virtual size: 44KB

.data
Size: 33KB - Virtual size: 36KB

.idata
Size: 5KB - Virtual size: 8KB