ecb5bec74d24cb9222a8be1797ebdba2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ecb5bec74d24cb9222a8be1797ebdba2_JaffaCakes118
Size

243KB
MD5

ecb5bec74d24cb9222a8be1797ebdba2
SHA1

a70810523316743e8b36fe4edf6a40835f7502a7
SHA256

33b245cf07277e7982897f16e3cb634960d34390815dfb83ccc1f58a46bf7ed7
SHA512

94f67d2dfeb3ac37d4e744482e05f942ce4082d6a19244eadd174f252b0da42e9c6ade4bc1d6faf0d204555c614ca171c322d30b6f83c36b3cb6afa21143d37a
SSDEEP

3072:nlH3A3RLKepuNRabAl1UZ3mjg6+5+LL81cg:nlMRLKxaCJB3Scg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ecb5bec74d24cb9222a8be1797ebdba2_JaffaCakes118

Files

ecb5bec74d24cb9222a8be1797ebdba2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

14e362532d47b6c675081897dd0b93c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsA
AssocQueryStringA
wnsprintfA
StrNCatA
SHDeleteKeyA
StrToIntA
StrStrIA

userenv

GetProfilesDirectoryA

kernel32

lstrcpyA
RemoveDirectoryA
MoveFileExA
DeleteFileA
lstrcmpiA
CreateProcessA
WriteFile
ReadFile
GetFileSize
CreateFileA
GetTempPathA
GetModuleFileNameA
SetEndOfFile
SetFilePointer
GetVersionExA
Sleep
GetModuleHandleA
GetVolumeInformationA
CreateThread
GetTickCount
ExitProcess
SetErrorMode
SetLastError
GetSystemTimeAsFileTime
lstrcatA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
HeapSize
GetConsoleMode
GetConsoleCP
HeapReAlloc
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcessId
QueryPerformanceCounter
VirtualFree
HeapCreate
DeleteCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
lstrlenA
FindFirstFileA
GetFileAttributesA
FindNextFileA
FindClose
MultiByteToWideChar
lstrcmpA
ExpandEnvironmentStringsA
HeapFree
LocalFree
GetCurrentProcess
GetProcessHeap
HeapAlloc
OpenProcess
LoadLibraryA
GetProcAddress
FreeLibrary
CloseHandle
lstrcpynA
GetLastError
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
FreeEnvironmentStringsA
GetStdHandle
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InterlockedDecrement
GetCurrentThreadId
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
RaiseException
RtlUnwind
GetCommandLineA
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualQuery

user32

SystemParametersInfoA
AdjustWindowRectEx
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA
SendDlgItemMessageA
GetDlgItem
RegisterClassExA
GetWindowRect
SetWindowPos
SetWindowTextA
SendMessageA
DestroyWindow
BeginPaint
FillRect
EndPaint
PostQuitMessage
GetWindowLongA
LoadBitmapA
CreateWindowExA
ShowWindow
ExitWindowsEx
GetUserObjectSecurity
GetShellWindow
GetWindowThreadProcessId
MessageBoxA
LoadIconA
LoadCursorA
UpdateWindow

gdi32

CreateSolidBrush
SetBkMode
SetTextColor
CreateCompatibleDC
SelectObject
GetObjectA
BitBlt
DeleteDC
CreateFontA
GetTextExtentPoint32A
TextOutA
GetStockObject

advapi32

RegEnumKeyA
RegQueryInfoKeyA
RegEnumValueA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyA
RegSetValueExA
ConvertSidToStringSidA
GetUserNameA
GetSecurityDescriptorOwner
IsValidSid
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegCloseKey
RegQueryValueExA

shell32

SHFileOperationA
ShellExecuteA
SHGetFolderPathA
ord680
ShellExecuteExA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14e362532d47b6c675081897dd0b93c6

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

userenv

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 67KB - Virtual size: 67KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 148KB - Virtual size: 147KB

.text
Size: 67KB - Virtual size: 67KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 148KB - Virtual size: 147KB