ecc9700fa1e2e57b19b29a08d355c999_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ecc9700fa1e2e57b19b29a08d355c999_JaffaCakes118
Size

636KB
MD5

ecc9700fa1e2e57b19b29a08d355c999
SHA1

e5c121db2707168810dff0b1a44f7a53213e1180
SHA256

9e222e860d9061e838d1bcb368bd9790bf97aed8db17579513c78c738ab5d487
SHA512

fab83357d296c9fa383805a1fc3ea436b9f54a57b261e1320b2ba5294cb8690838dd00f47475083eff2d042d599b764e6be31effeb70772ba063fc9e785e9146
SSDEEP

12288:52MCS12nEKZrHugjRtJgYqPn9YctWG3O:oMCc2FOCRtw9Y3G3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ecc9700fa1e2e57b19b29a08d355c999_JaffaCakes118

Files

ecc9700fa1e2e57b19b29a08d355c999_JaffaCakes118
.exe windows:4 windows x86 arch:x86

279004b6d79aa9a497e25be8a52febbf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\siay.pdb

Imports

kernel32

GetDateFormatW
TlsGetValue
SetCriticalSectionSpinCount
WriteConsoleW
GetStartupInfoW
GetCompressedFileSizeA
GetCurrentProcessId
GetPrivateProfileStringW
LoadLibraryA
CompareStringW
GetTickCount
GetModuleHandleA
GetAtomNameA
IsDebuggerPresent
CreateSemaphoreA
CreateFileMappingW
CreateWaitableTimerW
GetConsoleCP
GetCommandLineW
GetProfileIntA
GetOEMCP
IsValidCodePage
OpenFileMappingW
FindNextFileW
ReadConsoleA
GetStdHandle
CreateMutexA
GetDriveTypeA
GetTimeFormatA
WriteConsoleA
CopyFileA
Sleep
lstrcat
ReadConsoleOutputCharacterW
SetEnvironmentVariableA
GetVersionExW
CreateEventW
WaitForDebugEvent
GetDateFormatA
QueryPerformanceCounter
InterlockedExchange
GetModuleFileNameA
GetACP
IsValidLocale
LCMapStringA
VirtualAllocEx
GetCurrentProcess
GetWindowsDirectoryW
GetModuleFileNameW
lstrlenW
VirtualAlloc
lstrlen
LockFile
FillConsoleOutputCharacterA
CreateProcessA
ExitProcess
InterlockedDecrement
HeapCreate
lstrlenA
GetProcessHeap
GetConsoleCursorInfo
MoveFileExW
AllocConsole
FreeEnvironmentStringsW
FindFirstFileExW
SetSystemTime
GetCPInfo
TlsSetValue
GetTimeZoneInformation
GetCurrentThread
GetCalendarInfoW
CreateFileA
GetLastError
FindFirstFileA
LoadLibraryExA
GetCompressedFileSizeW
GlobalSize
HeapAlloc
GetUserDefaultLCID
VirtualQuery
EnterCriticalSection
FindResourceExA
GetConsoleMode
GetCurrentThreadId
CreateSemaphoreW
OutputDebugStringW
LeaveCriticalSection
FindResourceExW
GetThreadLocale
VirtualFree
GetLocaleInfoA
SetConsoleCtrlHandler
OpenFile
SetUnhandledExceptionFilter
OpenEventW
TryEnterCriticalSection
GetStartupInfoA
SetThreadContext
UnhandledExceptionFilter
WideCharToMultiByte
MapViewOfFile
GetCommandLineA
GetLogicalDriveStringsA
GetLocaleInfoW
SetFilePointer
ResetEvent
SystemTimeToFileTime
GetStringTypeW
SetConsoleActiveScreenBuffer
CreateWaitableTimerA
LCMapStringW
ReadFile
GetTimeFormatW
CloseHandle
TlsAlloc
TerminateProcess
HeapReAlloc
SetConsoleOutputCP
GetFileType
EnumSystemLocalesA
LocalSize
PulseEvent
CreateEventA
InterlockedIncrement
SuspendThread
lstrcmp
MoveFileW
GlobalUnfix
GetCurrentDirectoryA
SetStdHandle
InitializeCriticalSection
RtlUnwind
GetStringTypeA
WriteFile
GetShortPathNameW
CreatePipe
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
TlsFree
GetSystemTime
HeapFree
MultiByteToWideChar
CreateToolhelp32Snapshot
HeapSize
OpenMutexA
FreeLibrary
GetProcAddress
GetVersionExA
FlushFileBuffers
SetLastError
GetEnvironmentStringsW
CompareStringA
GetLogicalDrives
WriteProfileSectionW
HeapDestroy
SetHandleCount
GetEnvironmentStrings
DeleteCriticalSection
FindFirstFileExA
WaitNamedPipeA
GetConsoleOutputCP
GetPrivateProfileIntA

shell32

SHFileOperation
ShellExecuteEx

user32

DestroyWindow
DefWindowProcA
SetKeyboardState
GetScrollRange
GetGuiResources
PeekMessageA
EnumPropsExW
SetPropW
DrawEdge
GetDialogBaseUnits
SetWindowsHookExW
EnumWindowStationsW
SendIMEMessageExW
EnableScrollBar
DdeImpersonateClient
IsChild
GetClassWord
GetKeyNameTextA
PostQuitMessage
SetRect
RegisterClassExA
GetScrollPos
LoadImageA
GetWindowModuleFileNameW
CharLowerA
DdeNameService
SetActiveWindow
CreateIconFromResource
DdePostAdvise
TranslateMessage
SetWindowContextHelpId
SetWindowTextA
GetUserObjectSecurity
GetDlgItem
ShowScrollBar
ChangeDisplaySettingsExW
DialogBoxParamA
GetUserObjectInformationA
DdeCreateDataHandle
CreateWindowExA
GetKeyboardLayoutList
GetMenuStringA
MessageBoxW
CloseClipboard
RegisterHotKey
SetLastErrorEx
DefFrameProcA
GetParent
OemToCharBuffW
GetKeyboardLayoutNameW
RegisterClassA
DrawFrameControl
IsCharAlphaA
CreateAcceleratorTableW
ShowWindow
FreeDDElParam
RegisterWindowMessageA
CheckMenuRadioItem

gdi32

DrawEscape
PolylineTo
SetMapperFlags
GetPath
CreateMetaFileA
DeleteObject
ExtEscape
PolyPolyline
SetBrushOrgEx
ArcTo
CreateDCW
GetEnhMetaFileDescriptionW
GdiSetBatchLimit
GetSystemPaletteEntries
GetDeviceCaps
GetObjectA
CombineTransform
CreateBitmapIndirect
DPtoLP
EndPath
GetAspectRatioFilterEx
TextOutW
DeleteDC
GetEnhMetaFileA
PolyTextOutA
SetRectRgn
GetBoundsRect
CreateDIBPatternBrush

comctl32

DestroyPropertySheetPage
ImageList_Merge
ImageList_GetImageInfo
ImageList_LoadImage
ImageList_SetFilter
ImageList_BeginDrag
ImageList_EndDrag
ImageList_ReplaceIcon
ImageList_SetIconSize
ImageList_DrawIndirect
CreatePropertySheetPageA
CreatePropertySheetPageW
ImageList_AddMasked
DrawStatusText
InitCommonControlsEx
ImageList_DragEnter
ImageList_Remove
GetEffectiveClientRect
CreateToolbar
ImageList_GetFlags
MakeDragList
ImageList_Draw
ImageList_Copy
ImageList_DragShowNolock
ImageList_Destroy
ImageList_Duplicate

Sections

.text
Size: 216KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

279004b6d79aa9a497e25be8a52febbf

Headers

File Characteristics

PDB Paths

Imports

kernel32

shell32

user32

gdi32

comctl32

Sections

.text Size: 216KB - Virtual size: 213KB

.rdata Size: 264KB - Virtual size: 263KB

.data Size: 112KB - Virtual size: 129KB

.rsrc Size: 40KB - Virtual size: 39KB

.text
Size: 216KB - Virtual size: 213KB

.rdata
Size: 264KB - Virtual size: 263KB

.data
Size: 112KB - Virtual size: 129KB

.rsrc
Size: 40KB - Virtual size: 39KB