e1e038644262e3d6878ebee04f0a6889_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e1e038644262e3d6878ebee04f0a6889_JaffaCakes118
Size

256KB
MD5

e1e038644262e3d6878ebee04f0a6889
SHA1

fd5e52845ea34fd37b04d609d5417209f3272fa1
SHA256

9b1a8d531e2e236b985adac7282d693ac8c5f8136bfa6071ff32821c9c3dc342
SHA512

c932e9fa7eb480332253b66d0d9a31c64a9ef00b73e0f837a50a394d41c45dfe20ce635fafa9792673a43a135ef9769747a38caca170f304eac03d0352663889
SSDEEP

3072:nDt64f+TPTRK3a1o5ZlbmvvzT0s2rRsamQN6ahC1bBz7zU/WZAn53mkZ8f7QJ4r:nUJTymjT0s/76C1bxsUAnLZe73r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1e038644262e3d6878ebee04f0a6889_JaffaCakes118

Files

e1e038644262e3d6878ebee04f0a6889_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dfa6e0a024f44d2fef81ecd1d36b4340

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
GetStartupInfoA
GetCommandLineA
ExitProcess
RaiseException
HeapAlloc
HeapFree
HeapSize
HeapReAlloc
TerminateProcess
SetHandleCount
GetStdHandle
GetFileType
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
GetCPInfo
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
GetCurrentProcess
GlobalFlags
lstrcmpW
lstrcmpiW
GetProcessVersion
GetModuleHandleA
LoadLibraryA
FreeLibrary
lstrcatW
GlobalAddAtomW
GetPrivateProfileStringW
GlobalFindAtomW
GlobalDeleteAtom
lstrcpyW
GetModuleHandleW
GetProcAddress
GetCurrentThreadId
CloseHandle
GetVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalAlloc
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
TlsAlloc
LocalAlloc
GetModuleFileNameW
lstrcpynW
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
lstrlenW
InterlockedDecrement
InterlockedIncrement
UnhandledExceptionFilter

user32

AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
PostMessageW
LoadIconW
SetWindowTextW
LoadCursorW
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameW
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutW
DrawTextW
GrayStringW
CopyRect
GetTopWindow
GetCapture
WinHelpW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextW
GetDlgCtrlID
DefWindowProcW
DestroyWindow
CreateWindowExW
SetPropW
GetPropW
CallWindowProcW
RemovePropW
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongW
SetWindowPos
RegisterWindowMessageW
SystemParametersInfoW
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
DispatchMessageW
GetKeyState
CallNextHookEx
PeekMessageW
MessageBoxW
GetClientRect
LoadStringW
UnhookWindowsHookEx
SetWindowsHookExW
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongW
SendMessageW
EnableWindow

gdi32

SelectObject
GetStockObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
RestoreDC
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SaveDC
DeleteDC
DeleteObject
GetDeviceCaps
GetObjectW
SetBkColor
SetTextColor
GetClipBox
CreateBitmap

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyExW

comctl32

ord17

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dfa6e0a024f44d2fef81ecd1d36b4340

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 8KB - Virtual size: 20KB

.text Size: 168KB - Virtual size: 168KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 8KB - Virtual size: 20KB

.text
Size: 168KB - Virtual size: 168KB