ec85020b047d567f65a120a29b46b4e7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ec85020b047d567f65a120a29b46b4e7_JaffaCakes118
Size

584KB
MD5

ec85020b047d567f65a120a29b46b4e7
SHA1

67aa8d9346225b2ecde8fbc66ee5307b076582eb
SHA256

6ba2b426a3284aa8384a3338600aa9ebb49fee7058fad5c82e9145bd0ff77064
SHA512

90d8f8e2ac14d0e65523135f40e3ab95e1676efc08ed583853648838d967ecefcea9b126f0c55ea49c59bf5e37d078eccb55dc9a2539a26821af5725a1ba27a8
SSDEEP

12288:jD6y6cBiv3xqcufzQI/jPbmM6dyCE8yq4pdM2nxWv1s:jLjBiv3MxfsIbPbtbMyDM7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec85020b047d567f65a120a29b46b4e7_JaffaCakes118

Files

ec85020b047d567f65a120a29b46b4e7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

21e79cbabeff4dc9ffc6fc46210b4b79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\uuz\ghqaesdx\ovoooi\eoog\vpo.pdb

Imports

wininet

GopherCreateLocatorW

advapi32

RegEnumKeyExW
RegSetKeySecurity
RegDeleteKeyA
CryptExportKey
LookupAccountNameA

user32

DrawStateA
AnyPopup
CreateMDIWindowA
MessageBoxA
ShowWindow
UnloadKeyboardLayout
GetIconInfo
SendDlgItemMessageW
wsprintfW
SetWindowContextHelpId
CreateDialogParamA
SendDlgItemMessageA
RegisterClassA
DefWindowProcW
TranslateMDISysAccel
GetDCEx
RegisterDeviceNotificationA
GetNextDlgTabItem
CallMsgFilterA
DestroyWindow
GetSubMenu
SendNotifyMessageW
PostMessageA
ImpersonateDdeClientWindow
RegisterClassExA
AppendMenuA
IsClipboardFormatAvailable
LoadIconW
GetSystemMetrics
GetGuiResources
GetMenuItemInfoW
GetCursor
CopyImage
CreateWindowExW
CharNextExA
SetSystemCursor
CheckRadioButton
IsCharAlphaA
ReplyMessage
ExcludeUpdateRgn
GetCursorPos
UnhookWinEvent
AdjustWindowRect
ScrollWindowEx
GetProcessWindowStation
GetDlgCtrlID

comctl32

ImageList_EndDrag
CreatePropertySheetPage
CreateToolbar
DrawInsert
ImageList_SetBkColor
InitCommonControlsEx
DrawStatusTextA
_TrackMouseEvent
ImageList_DrawIndirect

kernel32

HeapCreate
TlsFree
GetDriveTypeA
GetConsoleTitleW
LoadLibraryExA
CompareStringA
TlsSetValue
LoadLibraryExW
LocalAlloc
GetStartupInfoW
GetModuleFileNameW
FlushFileBuffers
HeapDestroy
EnterCriticalSection
VirtualFree
OpenMutexA
SetEnvironmentVariableW
LCMapStringW
HeapAlloc
GetSystemTimeAsFileTime
GetLocalTime
GetVersion
WriteFile
InitializeCriticalSection
GlobalCompact
VirtualAlloc
CopyFileA
RtlUnwind
GetStdHandle
GetTickCount
VirtualQuery
FreeEnvironmentStringsW
VirtualFreeEx
GetStartupInfoA
GetCommandLineA
GetCurrentProcessId
lstrlen
SetConsoleMode
GetVolumeInformationA
MultiByteToWideChar
GetCPInfo
CreateMutexA
SetStdHandle
LCMapStringA
OpenWaitableTimerW
GetCommandLineW
GetOEMCP
FindAtomW
ReadFile
GetStringTypeExA
SetFilePointer
TlsGetValue
DeleteCriticalSection
GetCurrentProcess
GetEnvironmentStrings
QueryPerformanceCounter
SetLastError
lstrcat
LoadLibraryA
SetFileAttributesW
WideCharToMultiByte
GetModuleHandleA
TerminateProcess
GetFileType
UnhandledExceptionFilter
FindFirstFileExW
ExitProcess
InterlockedExchange
OpenFile
AddAtomA
GetEnvironmentStringsW
CreateSemaphoreW
GetSystemTime
GetCurrentThreadId
GetStringTypeA
HeapReAlloc
GetStringTypeW
SetLocaleInfoW
HeapFree
TlsAlloc
CloseHandle
GetCurrentThread
SetEnvironmentVariableA
ReleaseMutex
GetLastError
CompareStringW
FreeEnvironmentStringsA
SetFileTime
DeleteFiber
lstrcpyW
IsBadWritePtr
InterlockedIncrement
LeaveCriticalSection
ExpandEnvironmentStringsW
FindNextChangeNotification
GetTimeZoneInformation
GetStringTypeExW
GetProcAddress
GetModuleFileNameA
SetHandleCount
GetConsoleScreenBufferInfo
InterlockedDecrement

comdlg32

LoadAlterBitmap

Sections

.text
Size: 176KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21e79cbabeff4dc9ffc6fc46210b4b79

Headers

File Characteristics

PDB Paths

Imports

wininet

advapi32

user32

comctl32

kernel32

comdlg32

Sections

.text Size: 176KB - Virtual size: 173KB

.rdata Size: 256KB - Virtual size: 255KB

.data Size: 112KB - Virtual size: 119KB

.rsrc Size: 36KB - Virtual size: 32KB

.text
Size: 176KB - Virtual size: 173KB

.rdata
Size: 256KB - Virtual size: 255KB

.data
Size: 112KB - Virtual size: 119KB

.rsrc
Size: 36KB - Virtual size: 32KB