ecbd694de3f0c2d0d4865019c5080cf9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ecbd694de3f0c2d0d4865019c5080cf9_JaffaCakes118
Size

99KB
MD5

ecbd694de3f0c2d0d4865019c5080cf9
SHA1

e45c59593936b90484cdf45b9df099e0f38fb73d
SHA256

c6402516bb831ee7132839ec8fb90f3f06a10770b2c0a71a238e9020de13e97e
SHA512

504fc4bc8bbf85cc9b30af848c56ffa5e6045a1375199b4c5323188fb1e89b254ca178f7a96d7f5efa8e0494974777202cee458ac1aca146228f30cd9777208f
SSDEEP

1536:IV6S9Er8rFOZKjI4eu4i6sUdkCBgxpYICKcjr3/yBccY0SH0fQo5Ot0q5a9ch:mK9gjI4eyPUdkCBMpBCKcdcYxUf5FqT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ecbd694de3f0c2d0d4865019c5080cf9_JaffaCakes118

Files

ecbd694de3f0c2d0d4865019c5080cf9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

dd48d1702d7c250af91de18b7e76333f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
FindResourceW
RtlUnwind
GetCurrentProcessId
GetExitCodeProcess
TlsSetValue
GetStdHandle
GetSystemDirectoryA
LoadLibraryW
GetConsoleMode
GetFileSize
InitializeCriticalSectionAndSpinCount
Sleep
ExpandEnvironmentStringsW
WaitForSingleObject
FindFirstFileW
SetErrorMode
WaitForMultipleObjects
GetDriveTypeW
CreateProcessA
VirtualAlloc
SizeofResource
DeviceIoControl
GetDriveTypeA
ExitProcess
RemoveDirectoryW
QueryPerformanceCounter
GetSystemTime
GetCurrentThreadId
LCMapStringW
IsBadCodePtr

msvcrt

_lock
__CxxFrameHandler
__p__commode
atoi
_c_exit
_wcsnicmp
sscanf
exit
fwrite
_isatty
_itoa
_acmdln
strlen
atol
_iob
strrchr
_itow
_snwprintf
wcsspn
sprintf
__setusermatherr
memmove
__set_app_type
wcsrchr
??3@YAXPAX@Z
realloc
__p__fmode
__pioinfo
_wcsupr
mbstowcs
fflush
swscanf
wcscat
__initenv
_strdup
wcscpy
iswalpha
wcschr
_stricmp

user32

DispatchMessageA
GetCursorPos
MessageBeep
MessageBoxA
CheckDlgButton
SetMenu
GetCapture
EqualRect
GetDC
SetWindowLongW
GetKeyState
IsWindow
SetWindowTextW
InvalidateRect
LoadBitmapW
GetDlgItem
BeginPaint
GetForegroundWindow
DrawTextW
GetWindowTextLengthW
CharUpperA
GetParent
CreatePopupMenu
GetWindowRect
GetClassNameW
GetSystemMetrics

ole32

StringFromIID
StgIsStorageFile
CoCreateInstanceEx
StringFromGUID2
CoUnmarshalInterface
PropVariantCopy
CoInitialize
CreateILockBytesOnHGlobal
IIDFromString
CoGetClassObject
CreateDataAdviseHolder
StringFromCLSID
OleRegEnumVerbs
GetRunningObjectTable
CoCreateGuid
CLSIDFromString
CoInitializeEx
CoDisconnectObject
CoFreeUnusedLibraries
CLSIDFromProgID
CoRevokeClassObject
CoTaskMemFree
OleRun
ReleaseStgMedium
CoGetInterfaceAndReleaseStream
GetHGlobalFromStream
CoGetCallContext
MkParseDisplayName
WriteClassStm
OleRegGetMiscStatus
CoMarshalInterface
CoGetObjectContext
CoReleaseMarshalData
ProgIDFromCLSID
OleSaveToStream

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 30KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 485B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd48d1702d7c250af91de18b7e76333f

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

ole32

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 30KB - Virtual size: 89KB

.idata Size: 31KB - Virtual size: 31KB

.reloc Size: 512B - Virtual size: 485B

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 30KB - Virtual size: 89KB

.idata
Size: 31KB - Virtual size: 31KB

.reloc
Size: 512B - Virtual size: 485B