e0cf40e63b7737b0d61a57d0d0ddd081_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e0cf40e63b7737b0d61a57d0d0ddd081_JaffaCakes118
Size

1.8MB
MD5

e0cf40e63b7737b0d61a57d0d0ddd081
SHA1

22b6a631b37bf1044637a518bd19a64837154b29
SHA256

594e5de83ed36da80d6499b42164b5f10370eab8862dd3fd9bae7da4da89c47d
SHA512

a1da1fdc1a7d714bf739c5d86a5953921b5c32758f6347dc962007f55b9ebac59edc973e241b63352e81fae739f87f9252cdb9616a1fa58c362b3a88c0c411ac
SSDEEP

24576:+3ns6mr35jqY4iTiejuacOcAEDldVe3xtMu+i32Rt3WWJtPd4m3:9LriejNMuBMWCd4u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0cf40e63b7737b0d61a57d0d0ddd081_JaffaCakes118

Files

e0cf40e63b7737b0d61a57d0d0ddd081_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e6b3eaa82734e8242fbb421483fd9977

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
GetACP
GetOEMCP
SetConsoleCtrlHandler
IsValidLocale
IsValidCodePage
LCMapStringW
EnumSystemLocalesA
GetUserDefaultLCID
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
LCMapStringA
RtlUnwind
GetEnvironmentStringsW
GetLocaleInfoA
SetSystemTime
InitializeCriticalSection
GetLastError
FormatMessageA
LocalFree
RemoveDirectoryA
GetDriveTypeA
GetLogicalDrives
CreateFileA
WriteFile
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentProcess
CreateDirectoryA
SetCurrentDirectoryA
GetProcessHeap
HeapAlloc
HeapFree
WaitForSingleObject
CloseHandle
TerminateThread
CreateThread
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
RaiseException
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
HeapReAlloc
FatalAppExitA
GetCurrentThread
TlsGetValue
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
SetStdHandle
SetEndOfFile
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
DeleteCriticalSection
SetHandleCount
SetFilePointer
GetLocalTime
GetModuleFileNameA
LoadLibraryA
GetProcAddress
OutputDebugStringA
GetStdHandle
DebugBreak
MoveFileA
InterlockedIncrement
InterlockedDecrement
lstrcpyA
WritePrivateProfileStringA
IsDBCSLeadByte
GlobalMemoryStatus
GetDiskFreeSpaceExA
GetVersionExA
GetSystemInfo
GetCurrentDirectoryA
SetLocalTime
FindNextFileA
LeaveCriticalSection
EnterCriticalSection
Sleep
GetPrivateProfileStringA
FindFirstFileA
FindClose
CopyFileA
DeleteFileA
GetEnvironmentStrings
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
lstrlenA
SetCommState
GetCommState
PurgeComm
EscapeCommFunction
SetCommMask
SetCommTimeouts
SetupComm
CreateEventA
ReadFile
ClearCommError
DeviceIoControl
WaitCommEvent
_lread
_lclose
_lopen
WinExec
SetFileAttributesA
SetLastError
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetFileType
FlushFileBuffers
GetSystemTimeAsFileTime
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetTimeZoneInformation
GetSystemTime
ExitProcess
TerminateProcess

user32

SetRect
FillRect
GetDC
SetWindowPos
PostMessageA
SetCursorPos
SendMessageA
SetForegroundWindow
ShowCursor
PtInRect
SetTimer
DrawTextA
ExitWindowsEx
GetActiveWindow
GetWindowDC
RegisterWindowMessageA
LoadImageA
VkKeyScanA
GetFocus
keybd_event
GetClientRect
MessageBoxA
DispatchMessageA
TranslateMessage
GetMessageA
UpdateWindow
ShowWindow
CreateWindowExA
ReleaseDC
KillTimer
wsprintfA
SetFocus
DestroyWindow
BeginPaint
EndPaint
PostQuitMessage
DefWindowProcA
LoadIconA
LoadCursorA
RegisterClassA

gdi32

GetTextExtentPoint32A
Ellipse
GetPixel
SaveDC
SetGraphicsMode
ModifyWorldTransform
SetViewportOrgEx
SetWindowOrgEx
GetDeviceCaps
DPtoLP
GetTextMetricsA
RestoreDC
GetDIBits
SetDIBits
CreateBitmap
GetStockObject
RoundRect
StretchDIBits
PatBlt
SetTextAlign
GetTextAlign
SetStretchBltMode
PlgBlt
GetBitmapBits
GetObjectA
SetBkColor
SelectPalette
RealizePalette
CreateCompatibleBitmap
BitBlt
MoveToEx
LineTo
CreatePen
Rectangle
CreateDIBitmap
CreateCompatibleDC
StretchBlt
SetDIBitsToDevice
DeleteDC
SetROP2
SetPixel
SetBkMode
SetTextColor
CreateFontIndirectA
TextOutA
CreateFontA
DeleteObject
CreateSolidBrush
SelectObject

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegQueryValueExA
OpenProcessToken

shell32

SHFileOperationA

winmm

sndPlaySoundA
mciSendCommandA

ws2_32

send
recv
accept
listen
closesocket
bind
socket
htons
htonl
ioctlsocket
WSAAsyncSelect
__WSAFDIsSet
select
WSAGetLastError
connect
inet_addr
inet_ntoa
gethostbyname
WSAStartup
WSACleanup

wintmaxd

tpset_timeout
WinTmaxStart
tmaxreadenv
WinTmaxEnd
tpfree
WinTmaxSend
tpalloc
WinTmaxSetContext

flash

PlayFlash
CloseAllFlash
SetText

emv2_v01

EMV_selectUserApplication
EMV_GetProcessingOptions
EMV_GetAppNameList
EMV_Init
EMV_SelectApplication
EMV_ST_Free
EMV_GetTransactionData
EMV_AnalysisTerminalAction
EMV_ManageTerminalRisk
EMV_VerifyCardHolder
EMV_RestrictProcessing
EMV_AuthOfflineData
EMV_ProcessOnline
EMV_ReadApplicationData

mfc42d

ord1123
ord1041
ord1038

oleaut32

OleLoadPicturePath

imm32

ImmGetContext
ImmGetConversionStatus
ImmReleaseContext
ImmGetCompositionStringA

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6b3eaa82734e8242fbb421483fd9977

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

winmm

ws2_32

wintmaxd

flash

emv2_v01

mfc42d

oleaut32

imm32

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 48KB - Virtual size: 2.6MB

.idata Size: 12KB - Virtual size: 9KB

.reloc Size: 80KB - Virtual size: 78KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 48KB - Virtual size: 2.6MB

.idata
Size: 12KB - Virtual size: 9KB

.reloc
Size: 80KB - Virtual size: 78KB