ce4e63e40635ac136ee0579a5bce5228_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ce4e63e40635ac136ee0579a5bce5228_JaffaCakes118
Size

2.4MB
MD5

ce4e63e40635ac136ee0579a5bce5228
SHA1

b62ec9d54cc5c5e080f00ca2724b39f5f9f1d3e6
SHA256

c9bbbe58e20b0ba48028f17bf14dc79593c2860351eac35024934be144ed2d5e
SHA512

edd1c41b71b15757094aa9ff6374346379acc3931294d777bed3cd892a4757d46f3e6035fdf5cfd98d4a7a5d6bfb1defe59b19368fc42cf7d54b68b5de294c43
SSDEEP

49152:E4eNu9wmaTzHwDkoM4GhHkmdMFBbAIVr++PDGKxDxgEnZR:E4Cu9wXzHwDd0EmdOBbAIdFPK9EZR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce4e63e40635ac136ee0579a5bce5228_JaffaCakes118

Files

ce4e63e40635ac136ee0579a5bce5228_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e3fbf7c944095a8feb6150734ecf098b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteDC
Polyline
CreateCompatibleDC
GetFontData
CreateDIBitmap
SetBkColor
GetObjectA
ExtTextOutW
GetNearestColor
CreateDiscardableBitmap
SetWindowExtEx
UpdateColors
DescribePixelFormat
GetMetaFileA
TextOutA
RemoveFontResourceW

kernel32

GetProcessHeap
LoadLibraryExW
GetPrivateProfileIntA
CreateSemaphoreA
MultiByteToWideChar
LocalAlloc
CreateProcessW
GetSystemInfo
LoadLibraryExA
CreateWaitableTimerW
CreateMutexA
GetCPInfoExA
LocalFree
LoadLibraryA
FindResourceA
GetTickCount
GetLocaleInfoA
GetThreadContext
GetCommState
EnumResourceTypesA
SetProcessWorkingSetSize
SetEndOfFile
WaitForSingleObjectEx
GetBinaryTypeA
GetCommandLineW
WaitForSingleObject

dbghelp

GetTimestampForLoadedLibrary
SymGetModuleInfo
SymMatchFileName
SymLoadModule
SymEnumerateSymbolsW
SymCleanup
SymInitialize
SymGetModuleInfoW
ImagehlpApiVersionEx

comctl32

ImageList_AddMasked
ImageList_Remove
PropertySheetA
ImageList_ReplaceIcon
ImageList_SetIconSize
ImageList_Draw
CreatePropertySheetPageW
ImageList_Read
ImageList_Create
ImageList_GetImageCount
ImageList_Write

msvcrt

strerror
sprintf
vfprintf
memcpy
wprintf
wcsrchr
strstr
fprintf
wcstod
strspn
ungetc
strpbrk
memset

user32

DrawFrameControl
GetKeyboardLayoutList
CreateAcceleratorTableA
IsRectEmpty
OemToCharBuffA
SetCursorPos
GetMenu
InflateRect
DrawFocusRect
GetUpdateRect
GetMenuStringA
DialogBoxParamW
SetMenuItemBitmaps
GetKeyState
SetCursor
RedrawWindow
RemoveMenu
InsertMenuW
ModifyMenuA
LoadStringW
GetPropW
DialogBoxIndirectParamW
TrackPopupMenuEx
SendMessageW
WaitMessage
CreatePopupMenu

winspool.drv

DeviceCapabilitiesA

Exports

Exports

_HxH_egfjD_dNb@4
_DcYa_qlopa_mbv@8
_NzUVP_wejia@16
_ZeNXQ_lRkxz_wil@4
_Login_User_ToSystem@8
_SpAo_rvxwj_wcpTm@4
_Terminate_User_Threads@12

Sections

.code
Size: 512B - Virtual size: 6.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 650B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3fbf7c944095a8feb6150734ecf098b

Headers

File Characteristics

Imports

gdi32

kernel32

dbghelp

comctl32

msvcrt

user32

winspool.drv

Exports

Exports

Sections

.code Size: 512B - Virtual size: 6.5MB

.text Size: 27KB - Virtual size: 27KB

.rdata Size: 6KB - Virtual size: 6KB

.rsrc Size: 2.4MB - Virtual size: 2.4MB

.reloc Size: 1024B - Virtual size: 650B

.code
Size: 512B - Virtual size: 6.5MB

.text
Size: 27KB - Virtual size: 27KB

.rdata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

.reloc
Size: 1024B - Virtual size: 650B