e1cead9e10a25ebf41dcd9010c3ed0f9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e1cead9e10a25ebf41dcd9010c3ed0f9_JaffaCakes118
Size

2.1MB
MD5

e1cead9e10a25ebf41dcd9010c3ed0f9
SHA1

7de6bd0e20fb2f14305db373dd89f62103db1d72
SHA256

a45992fc92cf77a99123e3c8d1ef6d9b606ed5d705901f0fe2b9761b951019c2
SHA512

8da1a39b8ce57ddb7d4261c2c371b90872ac00ab1d7395b3dde59fcafee85aeb3abb473bce62fbfd701b1c2c618f9653061c93ef23f311eaa93ee87748437bb3
SSDEEP

24576:qTUIrFcXAoeJQT5t2pukMx4Dysp7TcadC+2YWUuNKfc6Zhk:qTTbYZBxiBBVekVv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1cead9e10a25ebf41dcd9010c3ed0f9_JaffaCakes118

Files

e1cead9e10a25ebf41dcd9010c3ed0f9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0eb25921f7ef6a14cbb9e9ca86f1267e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowTextLengthW
DispatchMessageW
IsChild
EndDialog
GetDlgItemInt
GetDlgCtrlID
IsDialogMessageW
GetIconInfo
DestroyCursor
GetClassNameW
FrameRect
DrawFocusRect
ScreenToClient
GetCursor
GetCursorPos
ShowCursor
TranslateMessage
ScrollDC
InvalidateRect
GetUpdateRect
ReleaseDC
GetDCEx
GetDC
DeleteMenu
IsWindowUnicode
SetTimer
MsgWaitForMultipleObjectsEx

kernel32

CreateFileW
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
HeapAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
IsValidCodePage
IsDebuggerPresent
IsProcessorFeaturePresent
VirtualAlloc
HeapFree
GetProcessHeaps
GetEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
WaitForSingleObject
SizeofResource
GetFileSize
ReadFile
SetFilePointer
FindClose
GetFileTime
CloseHandle
lstrcmpW
lstrcmpiW
TlsFree
CreateEventW
CreateWaitableTimerW
LoadLibraryExW
GetModuleHandleW
FindResourceW
GetProfileIntW
GetFileAttributesW
FindFirstFileW
MapViewOfFileEx
GetACP
GetOEMCP
CompareStringW
GetUserDefaultLCID
Sleep
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
GetModuleFileNameW
GetStartupInfoW
DeleteCriticalSection
GetCommandLineW
RaiseException
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
GetCurrentProcess

ntdsapi

DsCrackNamesW
DsBindW

uxtheme

DrawThemeText
GetThemePartSize
GetThemeSysColor
IsAppThemed
OpenThemeData

shell32

SHCreateDirectoryExW
DragAcceptFiles
DragQueryFileW
SHGetSpecialFolderLocation
SHGetDesktopFolder
ShellExecuteW
ExtractIconExW

Sections

.text
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 596KB - Virtual size: 6.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.9ho1i4
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.5odl9
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.otare
Size: 810KB - Virtual size: 809KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nvtgm
Size: 336KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0eb25921f7ef6a14cbb9e9ca86f1267e

Headers

File Characteristics

Imports

user32

kernel32

ntdsapi

uxtheme

shell32

Sections

.text Size: 79KB - Virtual size: 79KB

.data Size: 596KB - Virtual size: 6.9MB

.idata Size: 3KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.9ho1i4 Size: 154KB - Virtual size: 153KB

.5odl9 Size: 155KB - Virtual size: 155KB

.otare Size: 810KB - Virtual size: 809KB

.nvtgm Size: 336KB - Virtual size: 336KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 79KB - Virtual size: 79KB

.data
Size: 596KB - Virtual size: 6.9MB

.idata
Size: 3KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.9ho1i4
Size: 154KB - Virtual size: 153KB

.5odl9
Size: 155KB - Virtual size: 155KB

.otare
Size: 810KB - Virtual size: 809KB

.nvtgm
Size: 336KB - Virtual size: 336KB

.rsrc
Size: 5KB - Virtual size: 4KB