ecb6c9fbd6a10d30b1892d15152e05cd_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ecb6c9fbd6a10d30b1892d15152e05cd_JaffaCakes118
Size

319KB
MD5

ecb6c9fbd6a10d30b1892d15152e05cd
SHA1

dd4cf45a14fe82540dce432593914c826dffb20e
SHA256

2c4e6ced1561fba6b5221d00c8e0b425cbc5b0a2e5daf25b0e6cf147f1cf68c2
SHA512

34b21336b8bf716d70a03e8e79663da5de8d0ca5c6ee829ec3f9754ca9a9cef525e1e15a981f9349ca6efd831df3bc83ae4f70c2d8f3d8f6c477be5eb4392948
SSDEEP

6144:FTIruJhrGd2sdsmDEkYWDtNYCOP/bj+0zBKDnnSi:FTKuDGd9dhP9mPDj+sBKjnS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ecb6c9fbd6a10d30b1892d15152e05cd_JaffaCakes118

Files

ecb6c9fbd6a10d30b1892d15152e05cd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2dadeaada6786508fd4163ec99fd6c31

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PrintDlgA
PageSetupDlgW

kernel32

GetLocaleInfoW
InitializeCriticalSection
EnumSystemLocalesA
QueryPerformanceCounter
ExitProcess
GetCurrentThreadId
GetCPInfo
FreeEnvironmentStringsA
GetDateFormatA
lstrcpyW
VirtualQuery
GetEnvironmentStrings
VirtualFree
TlsFree
GetModuleFileNameA
CompareStringA
VirtualFreeEx
LoadLibraryA
WriteConsoleInputA
WriteFile
HeapReAlloc
GetModuleHandleA
GetEnvironmentStringsW
GetCurrentProcessId
LCMapStringW
GetLongPathNameW
GetSystemTimeAsFileTime
GetCurrentThread
TlsAlloc
GetFileAttributesA
GetUserDefaultLCID
GetSystemInfo
HeapCreate
LCMapStringA
VirtualAllocEx
WriteProfileStringW
TerminateProcess
CloseHandle
TlsSetValue
GetCalendarInfoW
GetCommandLineA
RtlUnwind
GetStdHandle
TlsGetValue
FindNextFileW
GetLastError
IsBadWritePtr
MultiByteToWideChar
WriteConsoleOutputW
GetProcAddress
WideCharToMultiByte
GetNamedPipeHandleStateW
EnterCriticalSection
GetCurrentProcess
CompareStringW
SetLastError
GetStringTypeExW
GetVersionExA
VirtualAlloc
HeapFree
GetStringTypeA
HeapAlloc
HeapDestroy
VirtualProtect
GetTimeZoneInformation
SetEnvironmentVariableA
IsValidCodePage
EnumSystemLocalesW
GetLocaleInfoA
HeapSize
GetStartupInfoA
GetTickCount
GetTimeFormatA
LeaveCriticalSection
FreeEnvironmentStringsW
UnhandledExceptionFilter
GetACP
InterlockedExchange
SetHandleCount
DeleteCriticalSection
GetOEMCP
EnumDateFormatsExA
SetConsoleMode
GetStringTypeW
GetFileType
IsValidLocale

advapi32

InitializeSecurityDescriptor
RegCreateKeyExA
RegQueryValueW
RegReplaceKeyW
LookupAccountNameW
CreateServiceW
CryptDeriveKey
CryptGenKey
GetUserNameW
AbortSystemShutdownW
CryptSetProviderA
CryptSetProviderExW
CryptEnumProviderTypesA
LookupSecurityDescriptorPartsW
CryptDestroyHash
CryptGetDefaultProviderA
CryptEnumProviderTypesW
LookupAccountSidA
CryptDestroyKey
GetUserNameA
RegSaveKeyA
RegLoadKeyA

gdi32

OffsetWindowOrgEx
GetGlyphOutlineW
GetColorAdjustment
StartDocW
RectInRegion
CreateColorSpaceA
SetDIBitsToDevice
LineTo
GetEnhMetaFileDescriptionW
CreateColorSpaceW
GetCharacterPlacementA
StartPage
SetWinMetaFileBits
ColorCorrectPalette
BeginPath
SetPolyFillMode
LineDDA
GetOutlineTextMetricsA

user32

GetMessagePos
EnumPropsW

Sections

.text
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2dadeaada6786508fd4163ec99fd6c31

Headers

File Characteristics

Imports

comdlg32

kernel32

advapi32

gdi32

user32

Sections

.text Size: 132KB - Virtual size: 132KB

.rdata Size: 8KB - Virtual size: 21KB

.data Size: 172KB - Virtual size: 171KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 132KB - Virtual size: 132KB

.rdata
Size: 8KB - Virtual size: 21KB

.data
Size: 172KB - Virtual size: 171KB

.rsrc
Size: 6KB - Virtual size: 5KB