ecb3677a221715e8ccb962d85929e6c7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ecb3677a221715e8ccb962d85929e6c7_JaffaCakes118
Size

772KB
MD5

ecb3677a221715e8ccb962d85929e6c7
SHA1

1d6f6426128f77194e256dfab6ac8ed30a629929
SHA256

33ad43ea8c0881c55d0875ad3cae362edb874dcfa1784bcf29bdfe7c996cd66e
SHA512

62ce898456aa215b937ff9e734b3250e25837bca512810a6a5887ce8f8123a4076d77a103c134d5015280fb0955ee7f32a8f3a029ea8d1e2c7a8d1dcc2e76e1a
SSDEEP

12288:GYgAY3Jdr6XF42L5AV/sSVtvjN8GedpEIcTWGMDabuYzZSA2522/gdiDAFrj55f+:GNJ6SUGedm3WXDaXJQ/g1lfFaXl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ecb3677a221715e8ccb962d85929e6c7_JaffaCakes118

Files

ecb3677a221715e8ccb962d85929e6c7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cb13ee19625f9b49daea6e6b193b49dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

ExtFloodFill
SetPolyFillMode
ScaleViewportExtEx
GetCurrentObject
CloseEnhMetaFile
PolyPolyline
ExtTextOutW
GdiPlayJournal
CreateBrushIndirect
PatBlt
SetFontEnumeration
SetColorSpace
GetLogColorSpaceW
SetBkMode
AddFontResourceA
GetObjectW
GetDeviceCaps
DeleteObject
SetPixel
GetEnhMetaFileDescriptionA
WidenPath
CreateFontIndirectA
DeleteDC
OffsetViewportOrgEx
LineDDA
GetWindowExtEx
CopyEnhMetaFileA
CreateDCA
SetTextColor

user32

ExcludeUpdateRgn
CheckMenuItem
SetShellWindow
VkKeyScanExA
LoadMenuW
SetWindowRgn
RegisterClassExA
MapVirtualKeyA
GetKeyboardLayout
EnumDisplayDevicesW
DestroyAcceleratorTable
PostMessageA
GetScrollPos
DestroyWindow
ShowWindow
MessageBoxW
GetCursorInfo
DlgDirListComboBoxA
SetMenuContextHelpId
SetClassLongA
ShowWindowAsync
FindWindowW
ShowCaret
EndDialog
OemToCharW
GetDialogBaseUnits
RegisterClassA
CreateWindowStationW
GetDoubleClickTime
OemToCharBuffA
EditWndProc
ChangeDisplaySettingsExA
CreateWindowExW
GetMenuStringA
DefWindowProcW
LoadKeyboardLayoutA
SetRect
DestroyCursor
GetProcessWindowStation
GetActiveWindow
SendDlgItemMessageA
OffsetRect

comdlg32

ChooseColorW

comctl32

CreateToolbarEx
DrawInsert
ImageList_GetBkColor
ImageList_SetOverlayImage
CreateStatusWindowA
DrawStatusTextA
InitMUILanguage
CreateToolbar
ImageList_Draw
ImageList_GetFlags
InitCommonControlsEx
ImageList_Destroy
ImageList_LoadImageA

kernel32

FlushFileBuffers
GetEnvironmentVariableW
GetCurrentThreadId
GetConsoleOutputCP
DebugBreak
WriteConsoleW
GetCurrentProcessId
LocalFlags
CloseHandle
IsValidLocale
InitializeCriticalSectionAndSpinCount
RemoveDirectoryA
GetCurrencyFormatW
OpenProcess
TlsAlloc
GetCompressedFileSizeW
GetOEMCP
WaitNamedPipeA
GetPrivateProfileStructW
GetTickCount
GetCPInfo
GetCommandLineA
FillConsoleOutputAttribute
lstrcat
LeaveCriticalSection
VirtualAlloc
MapViewOfFile
GetModuleFileNameW
InterlockedIncrement
HeapReAlloc
CreateMutexA
LoadLibraryW
GetFileTime
GetProcessHeap
GetLocaleInfoW
GetStartupInfoW
ReadConsoleOutputCharacterW
GetConsoleMode
EnumSystemLocalesA
IsBadReadPtr
ExitProcess
SetFilePointer
SetFileTime
GetConsoleTitleW
FreeLibraryAndExitThread
LCMapStringA
HeapValidate
ReadFile
GetStringTypeW
LoadLibraryA
GetStdHandle
RaiseException
OutputDebugStringA
FindFirstFileA
GetACP
OutputDebugStringW
GetModuleHandleA
GetSystemDefaultLCID
Sleep
SleepEx
EnumDateFormatsW
IsDebuggerPresent
GetModuleHandleW
GetStartupInfoA
TryEnterCriticalSection
SetConsoleScreenBufferSize
SetConsoleCursorInfo
CompareStringA
SetVolumeLabelW
ContinueDebugEvent
GetVersion
GetCurrentThread
SetEnvironmentVariableA
VirtualFree
HeapDestroy
GetProfileIntA
MultiByteToWideChar
InterlockedExchange
GetEnvironmentStringsW
SetConsoleCtrlHandler
TlsFree
LCMapStringW
SetHandleCount
HeapFree
FileTimeToDosDateTime
FreeLibrary
HeapCreate
CopyFileExA
WriteFile
GetProcAddress
EnumSystemLocalesW
lstrlenA
SetStdHandle
GetDateFormatA
EnterCriticalSection
GetFullPathNameA
GetPriorityClass
GetFileType
GetStringTypeA
lstrcpyn
GetCommandLineW
GetModuleFileNameA
IsValidCodePage
SetLastError
SetUnhandledExceptionFilter
RtlUnwind
VirtualUnlock
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetLastError
InterlockedDecrement
GetCurrentProcess
DeleteCriticalSection
QueryPerformanceCounter
GetTimeFormatA
IsBadWritePtr
VirtualQuery
MoveFileW
EnumTimeFormatsW
GetFullPathNameW
OpenMutexA
FreeEnvironmentStringsW
HeapSize
TlsGetValue
GetExitCodeProcess
GetDriveTypeW
GetUserDefaultLCID
GlobalFlags
HeapAlloc
TerminateProcess
GetLocaleInfoA
WriteConsoleA
CreateFileA
TlsSetValue
UnhandledExceptionFilter
GetConsoleCP
GetProcessHeaps
CompareStringW
RtlFillMemory
GlobalAddAtomW
WideCharToMultiByte

shell32

ShellExecuteW
SHGetDiskFreeSpaceA

Sections

.text
Size: 292KB - Virtual size: 291KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 292KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb13ee19625f9b49daea6e6b193b49dd

Headers

File Characteristics

Imports

gdi32

user32

comdlg32

comctl32

kernel32

shell32

Sections

.text Size: 292KB - Virtual size: 291KB

.rdata Size: 292KB - Virtual size: 290KB

.data Size: 112KB - Virtual size: 136KB

.rsrc Size: 72KB - Virtual size: 71KB

.text
Size: 292KB - Virtual size: 291KB

.rdata
Size: 292KB - Virtual size: 290KB

.data
Size: 112KB - Virtual size: 136KB

.rsrc
Size: 72KB - Virtual size: 71KB