edb618790cb54cda34acad1bf1294b22_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

edb618790cb54cda34acad1bf1294b22_JaffaCakes118
Size

1.7MB
MD5

edb618790cb54cda34acad1bf1294b22
SHA1

8818d5faa337ef0fd200bb193f0fb0586e5682b6
SHA256

8d4a2f1b218fa6e6d038281d24350b9874626f62d044a20f285cd9909e72fa0e
SHA512

e77564d879978864e76ee7f21ca0bb96789a967851adf349086a182844c14b8c334ee0ce46ebe15188c0cb27e1e12b35d78b5619bdc275d62f1bced89ceb1426
SSDEEP

6144:esvKgnXoYH290o8G1GX4v1Iz5T1jWG14U6Yi8jVMQn95LeS+vbNI+flQxwd/bXS2:flltnG0X4v16B4U6Yi8jKQnYRIuQx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
edb618790cb54cda34acad1bf1294b22_JaffaCakes118

Files

edb618790cb54cda34acad1bf1294b22_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8c3f98b2231736bbd70c56d558270423

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringW
LeaveCriticalSection
GetConsoleCP
GetConsoleMode
SetFilePointerEx
OutputDebugStringW
SetStdHandle
WriteConsoleW
FlushFileBuffers
CreateFileW
GetVersionExA
FreeEnvironmentStringsW
GetModuleHandleA
DecodePointer
RaiseException
GetSystemTimeAdjustment
GetCommandLineA
GlobalLock
GetEnvironmentStringsW
GetProcAddress
GetTimeZoneInformation
CreateProcessA
GlobalAlloc
TlsFree
EnterCriticalSection
GetDateFormatW
GetStringTypeW
GetModuleFileNameA
HeapSize
GetACP
Beep
HeapAlloc
LoadLibraryExW
EncodePointer
GetLastError
HeapReAlloc
GetCommandLineW
RtlUnwind
IsDebuggerPresent
IsProcessorFeaturePresent
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
HeapFree
SetLastError
GetCurrentThreadId
IsValidCodePage
GetOEMCP
GetCPInfo
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
GetModuleHandleW
CloseHandle

user32

SetScrollRange
GetKeyboardState
GetForegroundWindow
GetWindowLongA
PostMessageA
ClientToScreen
DestroyWindow
GetWindowRect
DrawTextW
SendMessageA
ShowWindow
EnableMenuItem
RegisterClassA
PostQuitMessage
SetKeyboardState
SetFocus
ShowCaret
SetClassLongA
DialogBoxParamA

gdi32

GetTextExtentPoint32A
GetWinMetaFileBits
GetRegionData
CombineRgn
GetCharWidth32W
GetTextExtentPointA
CreatePen
CreateICW
UpdateColors
SetMetaFileBitsEx
SetTextColor
GetDeviceCaps
CreateICA
EqualRgn
GetCharWidthW
DeleteDC
Polygon
SelectObject
SelectClipRgn
CreateCompatibleDC
CreateCompatibleBitmap
SelectPalette
GetCharABCWidthsW
SetViewportExtEx
IntersectClipRect
TextOutA
ord1002
GetTextMetricsW

advapi32

SetSecurityDescriptorOwner
InitializeSecurityDescriptor
RegEnumKeyA
CopySid
RegQueryValueExA
RegSetValueExA

msvcr100

_isctype

mfc42u

ord6582

ole32

OleFlushClipboard

shlwapi

ord8

rpcrt4

TowerExplode

Sections

.text
Size: 288KB - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.l1
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.l1
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.l1
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.l1
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.l1
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.l1
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.l1
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8c3f98b2231736bbd70c56d558270423

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcr100

mfc42u

ole32

shlwapi

rpcrt4

Sections

.text Size: 288KB - Virtual size: 288KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 1.3MB - Virtual size: 1.3MB

.reloc Size: 7KB - Virtual size: 6KB

.l1 Size: 5KB - Virtual size: 5KB

.l1 Size: 5KB - Virtual size: 5KB

.l1 Size: 5KB - Virtual size: 5KB

.l1 Size: 5KB - Virtual size: 5KB

.l1 Size: 5KB - Virtual size: 5KB

.l1 Size: 5KB - Virtual size: 5KB

.l1 Size: 5KB - Virtual size: 5KB

.text
Size: 288KB - Virtual size: 288KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 1.3MB - Virtual size: 1.3MB

.reloc
Size: 7KB - Virtual size: 6KB

.l1
Size: 5KB - Virtual size: 5KB

.l1
Size: 5KB - Virtual size: 5KB

.l1
Size: 5KB - Virtual size: 5KB

.l1
Size: 5KB - Virtual size: 5KB

.l1
Size: 5KB - Virtual size: 5KB

.l1
Size: 5KB - Virtual size: 5KB

.l1
Size: 5KB - Virtual size: 5KB