603ba1ee8d088c7656c844656c592cc6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

603ba1ee8d088c7656c844656c592cc6_JaffaCakes118
Size

256KB
MD5

603ba1ee8d088c7656c844656c592cc6
SHA1

ecce190b01a6e2bded4e465af67eb701910d4000
SHA256

02bf42a62a5634a4ec14e1d3b7b7c08c3335e504617a17642c821aa8a10e3594
SHA512

1c2dad9fa45322db3a01367bcb938c8f89b089ffc0a4d51359d1a158688dd3e1913c44d1530d9850e8e2672b0370e56154e7ce4430d0ed6b37825b9feae16db9
SSDEEP

3072:Tn6h1xgV6RSUR6QQDZiY8q58b8lds0PZmYEifs7Tesuj8GGSPhvcNDYDl4mXiBRg:bexg1DE+ybadpQTdq19cNDY2qQpt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
603ba1ee8d088c7656c844656c592cc6_JaffaCakes118

Files

603ba1ee8d088c7656c844656c592cc6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

edf90eaa04c103d50e2e38fad55dfef9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\eoomcjetgo.pdb

Imports

gdi32

OffsetViewportOrgEx
FlattenPath
PtVisible
GetArcDirection
GetGlyphOutlineA
SetPaletteEntries
StrokePath
PlayMetaFile
PathToRegion
ScaleViewportExtEx
GetClipBox
SetBkColor
CreateHatchBrush
DeleteObject
SetBitmapDimensionEx
ScaleWindowExtEx
RealizePalette
GetBitmapDimensionEx
MoveToEx
GetDCOrgEx
CreateEllipticRgn
GetOutlineTextMetricsA
SetRectRgn
StretchDIBits
GetPath
GetBkColor
RectInRegion
SetBkMode
ExcludeClipRect
SaveDC
CreatePatternBrush
Rectangle
RestoreDC
GetCharABCWidthsA

kernel32

LoadLibraryA
GetModuleHandleW
GlobalAlloc
GetVersion
FreeLibrary
CreateMutexW
VirtualQuery
CreateProcessW
GetCPInfo
WideCharToMultiByte
FindNextFileW
GetFullPathNameW
HeapDestroy
GetStringTypeW
RtlUnwind
GetModuleFileNameW
GetTickCount
TerminateProcess
SetFilePointer
TlsFree
GlobalFree
GetProcessHeap
ExitProcess
ReadFile
GetCommandLineW
GetOEMCP
CompareStringW
GetStartupInfoW
TlsGetValue
RaiseException
GetCurrentThreadId
IsValidLocale
GetLocaleInfoW
FreeEnvironmentStringsW
GetCommandLineA
LCMapStringW
GetFileType
GetStartupInfoA
HeapReAlloc
WaitForSingleObject
MultiByteToWideChar
InterlockedIncrement
GetUserDefaultLCID
GetSystemTimeAsFileTime
GetLocaleInfoA
CloseHandle
CreateFileW
HeapSize
GetVersionExA
GetCurrentProcess
DeleteCriticalSection
GetACP
IsBadCodePtr
GetLocalTime
InterlockedDecrement
VirtualAlloc
GetProcAddress
LoadLibraryW
SetStdHandle
GetModuleHandleA
InterlockedExchange
FindClose
CreateFileA
GetCurrentProcessId
GetLastError
QueryPerformanceCounter
GetTimeZoneInformation
GetStringTypeA
SetEnvironmentVariableA
IsDebuggerPresent
WriteConsoleA
DeleteFileW
SetUnhandledExceptionFilter
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
CompareStringA
LCMapStringA
FindFirstFileW
CreateDirectoryW
UnhandledExceptionFilter
GetSystemTime
GetVersionExW
Sleep
WriteFile
VirtualFree
SetLastError
InitializeCriticalSection
OpenMutexW
GetModuleFileNameA
HeapAlloc
TlsSetValue
FreeEnvironmentStringsA
GetStdHandle
FlushFileBuffers
LeaveCriticalSection
GlobalLock
HeapCreate
SetEndOfFile
HeapFree
EnterCriticalSection
GlobalUnlock
GetFileSize
TlsAlloc

ole32

OleCreateMenuDescriptor
CoDisconnectObject
OleGetClipboard
CoTaskMemAlloc
IsAccelerator
OleIsRunning
CoCreateInstance
OleSetContainedObject
OleDestroyMenuDescriptor
OleFlushClipboard
CoGetMalloc
StgOpenStorageOnILockBytes
OleRun
OleLoad
CreateDataAdviseHolder
StgIsStorageILockBytes
OleDuplicateData
OleSaveToStream
WriteClassStm
ReleaseStgMedium
CoTaskMemFree
OleRegEnumVerbs
OleRegGetMiscStatus
GetClassFile
OleTranslateAccelerator

comctl32

ImageList_LoadImageA
PropertySheetA
InitCommonControlsEx
ImageList_Create
ImageList_GetImageInfo
ImageList_EndDrag
DestroyPropertySheetPage
ord17
ImageList_AddMasked
ImageList_Remove
ImageList_Replace
ImageList_Draw
ImageList_DragMove
ImageList_Add
ImageList_SetBkColor

oleaut32

LoadTypeLi

user32

LoadStringW
IsWindowEnabled
SetMenu
SetRectEmpty
GetClassLongW
InvalidateRect
GetDCEx
ScreenToClient
SetTimer
SetCursor
GetMenuItemInfoW
GetTopWindow
LoadBitmapW
EndPaint
DestroyIcon
GetSysColorBrush
IsMenu
ShowWindow
GetWindowPlacement
GetMessageW
RegisterClassW
GetScrollInfo
LoadMenuW
SetFocus
DefWindowProcW
LoadIconW
WindowFromPoint
MessageBoxW
SystemParametersInfoW
GetCursorPos
GetMenuState
IsDlgButtonChecked
CreateWindowExW
FillRect
SetWindowPos
LoadAcceleratorsW
BringWindowToTop
SetMenuItemInfoW
DestroyWindow
GetWindow
BeginPaint
LoadCursorW
UpdateWindow
GetMessagePos
RegisterClassExW
GetClientRect
DrawTextExW

shell32

DragQueryFileA
ShellExecuteExA
SHGetPathFromIDListA
ord155
SHFileOperationA
SHGetSpecialFolderLocation
DragAcceptFiles
DragFinish
SHGetDesktopFolder

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

edf90eaa04c103d50e2e38fad55dfef9

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

ole32

comctl32

oleaut32

user32

shell32

Sections

.text Size: 60KB - Virtual size: 58KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 64KB - Virtual size: 90KB

.rsrc Size: 56KB - Virtual size: 52KB

.text
Size: 60KB - Virtual size: 58KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 64KB - Virtual size: 90KB

.rsrc
Size: 56KB - Virtual size: 52KB