e207d66a7101a4e7fffd0a1defb4df21_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e207d66a7101a4e7fffd0a1defb4df21_JaffaCakes118
Size

511KB
MD5

e207d66a7101a4e7fffd0a1defb4df21
SHA1

c432b39a370b784135dd0ef186b5234f9b121e43
SHA256

27095411933d63020990eba93c452243d750ff4ef5f2a0ac210d77c9a7153f5e
SHA512

b2264cd08129a01bd764cd1d93d1f584a20532949374a79cef118707e7741f4dfd5eb99b21518477b92550cf6bd9a2986d8a26620f93b1bbcc66d8deec15ce59
SSDEEP

12288:Yx+08ZZ5+Jlqz9X7Dkr8BrgjDIztP74qxxtFC:w+PZD5pKCt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e207d66a7101a4e7fffd0a1defb4df21_JaffaCakes118

Files

e207d66a7101a4e7fffd0a1defb4df21_JaffaCakes118
.exe windows:5 windows x86 arch:x86

491b259a1a627f204c558812eac1e79c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetDeviceCaps
DeleteObject
CreateSolidBrush
GetStockObject
CreateCompatibleDC
SetBkColor

oleaut32

SysAllocString
SysFreeString
SysAllocStringLen
SysStringLen
VariantClear

advapi32

RegDeleteValueA
RegCreateKeyExW
RegOpenKeyExA
RegCloseKey
RegSetValueExA

kernel32

VirtualAlloc
FindResourceA
IsBadReadPtr
Sleep
VirtualFree
UnmapViewOfFile
IsValidCodePage
GetEnvironmentStrings
GetModuleHandleW
GetACP
CloseHandle
ReadFile
GetModuleHandleA
TlsFree
MapViewOfFile
RaiseException
HeapSize
WideCharToMultiByte
GetCommandLineW
LockResource
GetCurrentProcessId
SizeofResource
lstrlenW
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
GetConsoleCP
lstrlenA
GetLastError
InterlockedIncrement
ExitProcess
CreateFileA
TlsSetValue
GetFileType
CreateFileW
RemoveDirectoryA
GlobalLock
FindFirstFileW
CreateFileMappingA
CompareStringA
FindFirstFileA
lstrcmpA
GetProcessHeap
GetSystemInfo
GetUserDefaultLCID
SetEvent
SetErrorMode
DeleteFileA
CreateDirectoryA
LCMapStringW
GetFileSize
LeaveCriticalSection
LoadLibraryA
GetVersionExA
TlsAlloc
GetTickCount
QueryPerformanceCounter
FreeLibrary
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
SetCurrentDirectoryA
GetProcAddress
GetCurrentThreadId
SetEndOfFile
GlobalAlloc
GetVersion
WriteConsoleA
TerminateProcess
MulDiv
GetStartupInfoA
SetUnhandledExceptionFilter
CreateThread
SetFilePointer
MultiByteToWideChar
TlsGetValue
UnhandledExceptionFilter
GetModuleFileNameA
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
InitializeCriticalSection
GetSystemTime
SetLastError
FormatMessageA
InterlockedDecrement
FindClose
LoadResource
GetEnvironmentVariableA
LocalFree
GetOEMCP
SetFileAttributesA
GetStringTypeW
HeapReAlloc
GetCommandLineA
GetSystemTimeAsFileTime
WriteFile
InterlockedExchange
GetStringTypeA
lstrcmpiA
GetCPInfo
SetStdHandle
FreeEnvironmentStringsW
LoadLibraryExW
ExpandEnvironmentStringsA
lstrcatA
LocalAlloc
GetLocaleInfoA
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetLocalTime
HeapDestroy
FindNextFileA
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
HeapCreate
RtlUnwind

user32

SetCursor
CallWindowProcA
GetClientRect
DrawTextA
SendMessageA
InvalidateRect
GetSysColor
GetFocus
EndDialog
ReleaseDC
LoadIconA
LoadCursorA
ClientToScreen
GetDlgItem
SetTimer
GetWindowLongA
CheckMenuItem
SetWindowTextA
SetWindowLongA
SetCapture
GetWindowRect
GetSystemMetrics
DefWindowProcA
KillTimer
BeginPaint
SetFocus
DispatchMessageA
CreateWindowExA
GetSubMenu
RegisterClassA
IsWindowEnabled
TranslateMessage
SetWindowPos
EnableWindow
ShowWindow
FillRect
UpdateWindow
GetParent
DestroyWindow
GetDC
IsWindow
PostQuitMessage
SetForegroundWindow

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 467KB - Virtual size: 466KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

491b259a1a627f204c558812eac1e79c

Headers

File Characteristics

Imports

gdi32

oleaut32

advapi32

kernel32

user32

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 467KB - Virtual size: 466KB

.data Size: 21KB - Virtual size: 24KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 467KB - Virtual size: 466KB

.data
Size: 21KB - Virtual size: 24KB

.rsrc
Size: 1KB - Virtual size: 1KB