e0c7bcd9329f8fc5527758316d6c8323_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e0c7bcd9329f8fc5527758316d6c8323_JaffaCakes118
Size

332KB
MD5

e0c7bcd9329f8fc5527758316d6c8323
SHA1

bc3d8ee3043448892196dddd43bb87fc040a7889
SHA256

0634588fc132640c573b9e846537bcf28de768e123a6e12ed718b8d2cb441a93
SHA512

d5614d514ffb20ea74a58291a5ec51ab6143eb95c79b27a6229ff3ccc2e75ee29abd6f838a15fbda2bb6b6964cd49b573120c94cc528622259838090d0eb6e9e
SSDEEP

6144:QwOwgd446JX/+Z6B1qyDL72elewlKNkIVcgC9OWI5kvaCoT5xlmFfTILy/8Cao:Q5wK44T8syDL725QKjVcgySpHT5xA5Td

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0c7bcd9329f8fc5527758316d6c8323_JaffaCakes118

Files

e0c7bcd9329f8fc5527758316d6c8323_JaffaCakes118
.exe windows:4 windows x86 arch:x86

257c798603847cbb8813bb3f33653a27

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

m:\

Imports

user32

OpenClipboard
FreeDDElParam
SetShellWindow
RegisterClassExA
DialogBoxIndirectParamW
DdeImpersonateClient
MonitorFromRect
BeginDeferWindowPos
CloseWindowStation
GetUpdateRgn
WindowFromDC
TrackPopupMenuEx
SetCapture
IsCharAlphaNumericW
GetProcessWindowStation
wvsprintfW
SetProcessDefaultLayout
GetNextDlgGroupItem
DdeGetData
RegisterClassA
DrawTextExA
MonitorFromPoint
SendNotifyMessageA
PeekMessageW
MessageBoxIndirectA
EnumDesktopsA

comctl32

InitCommonControlsEx

kernel32

HeapFree
HeapAlloc
GetTimeZoneInformation
EnumSystemLocalesA
HeapSize
SetLastError
WriteFile
GetModuleFileNameA
VirtualFree
GetProfileIntW
GetSystemTimeAsFileTime
MultiByteToWideChar
FreeEnvironmentStringsW
GetDateFormatA
VirtualAlloc
GetTickCount
DeleteCriticalSection
FlushFileBuffers
CreateMutexA
GetCommandLineW
FileTimeToDosDateTime
ReadFile
GetModuleHandleA
GetStartupInfoW
WritePrivateProfileSectionA
WideCharToMultiByte
GetSystemInfo
GetModuleFileNameW
GetCommandLineA
SetHandleCount
GetFileType
LeaveCriticalSection
GetUserDefaultLCID
GetEnvironmentVariableA
VirtualProtect
HeapCreate
GetVersionExA
IsValidLocale
GetTimeFormatA
CompareStringA
GetEnvironmentStrings
LoadLibraryA
IsValidCodePage
CloseHandle
GetACP
SetStdHandle
RtlUnwind
UnhandledExceptionFilter
VirtualQuery
GetConsoleTitleW
GetCPInfo
InterlockedExchange
HeapDestroy
VirtualLock
OpenMutexA
QueryPerformanceCounter
GetLocaleInfoA
TlsSetValue
GetCurrentThread
ExitProcess
TerminateProcess
SetEnvironmentVariableA
InitializeCriticalSection
GetOEMCP
GetCurrentProcess
LCMapStringA
GetCurrentThreadId
TlsGetValue
SetFilePointer
EnterCriticalSection
LCMapStringW
SetThreadPriority
FreeEnvironmentStringsA
TlsFree
GetCurrentProcessId
GetLocaleInfoW
IsBadWritePtr
CommConfigDialogW
GetStringTypeA
GetStartupInfoA
TlsAlloc
GetLastError
GetProcAddress
HeapReAlloc
GetStringTypeW
CompareStringW
GetStdHandle
GetEnvironmentStringsW

comdlg32

LoadAlterBitmap
GetSaveFileNameW
GetOpenFileNameW
FindTextA

Sections

.text
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

257c798603847cbb8813bb3f33653a27

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

kernel32

comdlg32

Sections

.text Size: 212KB - Virtual size: 212KB

.rdata Size: 16KB - Virtual size: 35KB

.data Size: 89KB - Virtual size: 89KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 212KB - Virtual size: 212KB

.rdata
Size: 16KB - Virtual size: 35KB

.data
Size: 89KB - Virtual size: 89KB

.rsrc
Size: 12KB - Virtual size: 12KB