e28410213a6b2d8ec9eaa5546e87cc55_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e28410213a6b2d8ec9eaa5546e87cc55_JaffaCakes118
Size

380KB
MD5

e28410213a6b2d8ec9eaa5546e87cc55
SHA1

009f7472ddd8d0e1ef657f8a1d7ab46d5e457aab
SHA256

bbf9daf2a45ed892ae2a3d5aa5343de7ae06746cb0bd8b1df24a7c884c3515e4
SHA512

170bf7012dcccc7c2a6c39cf718016ba4cb76d465ffffee2fa3aa334c0775bc40356c0c178d651542b7fef8cdd1156ceff0ecb126cdf90e7c91ec1ee991c7154
SSDEEP

6144:pMjDYmW9UjQPf9VchxEtJYSdouMv4P7hLVnQDWcnOjx3xMxJX:a3YxPfkAjXdouMv43n5cngxBY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e28410213a6b2d8ec9eaa5546e87cc55_JaffaCakes118

Files

e28410213a6b2d8ec9eaa5546e87cc55_JaffaCakes118
.exe windows:4 windows x86 arch:x86

35bfd7f8882f6dc3ec916fd851ab2294

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDC
GetCursorPos
ReleaseDC
GetClientRect
ScreenToClient
GetActiveWindow
DestroyWindow
GetParent
DefWindowProcA
ShowWindow
EnableWindow
PeekMessageA
TranslateMessage
IsWindowEnabled
EnableMenuItem
RegisterClassA
GetSubMenu
SetTimer
FillRect
DispatchMessageA
SetFocus
EndPaint
KillTimer
GetSystemMetrics
GetWindowRect
SetCapture
ReleaseCapture
SetWindowLongA
SetWindowTextA
GetWindowLongA
CreateWindowExA
GetDlgItem
ClientToScreen
LoadCursorA
LoadIconA
TrackPopupMenu
GetDesktopWindow
SetForegroundWindow
EndDialog
SetDlgItemTextA
MessageBoxA
GetSysColor
PostMessageA
SystemParametersInfoA
IsWindow
SetWindowPos
PostQuitMessage
BeginPaint
CallWindowProcA
SendMessageA
InvalidateRect
SetCursor

advapi32

RegSetValueExW
RegQueryValueExW
RegCloseKey
RegDeleteKeyA

gdi32

SetBkMode
DeleteDC
SetBkColor

kernel32

GetStdHandle
GetConsoleOutputCP
ReleaseMutex
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
GetDriveTypeA
FindFirstFileW
HeapDestroy
GetFileAttributesW
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetCurrentDirectoryA
GetConsoleMode
LocalAlloc
CreateFileA
SetErrorMode
FreeEnvironmentStringsW
GetCPInfo
GetStringTypeA
GetSystemDefaultLCID
GetTimeZoneInformation
GetSystemTimeAsFileTime
SizeofResource
HeapReAlloc
GetStringTypeW
GetFullPathNameA
SetEvent
LocalFree
GetExitCodeProcess
InitializeCriticalSection
LoadResource
FindClose
InterlockedDecrement
FormatMessageA
OutputDebugStringA
SetLastError
TlsGetValue
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
FlushFileBuffers
GetModuleFileNameA
GetUserDefaultLCID
GetUserDefaultLangID
GetSystemDefaultLangID
GetLocalTime
MultiByteToWideChar
UnhandledExceptionFilter
InterlockedExchange
WaitForMultipleObjects
ResetEvent
GetOEMCP
VirtualAlloc
Sleep
VirtualFree
WriteFile
HeapCreate
SetStdHandle
GetModuleHandleW
GlobalLock
GetACP
lstrcpynA
CloseHandle
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
GetCurrentThread
InterlockedCompareExchange
GetCommandLineA
HeapSize
WideCharToMultiByte
GetCommandLineW
LockResource
GetCurrentProcessId
GetEnvironmentStrings
CreateProcessW
lstrlenW
GlobalAlloc
GlobalUnlock
GetEnvironmentStringsW
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
UnmapViewOfFile
LCMapStringW
LoadLibraryExW
GetLastError
InterlockedIncrement
ExitProcess
TlsSetValue
GetFileType
CreateEventA
CreateFileW
CreateEventW
GetModuleHandleA
RemoveDirectoryA
FindNextFileA
CreateFileMappingA
CompareStringA
GetDiskFreeSpaceA
FindFirstFileA
lstrcmpA
CompareStringW
GetProcessHeap
GetSystemInfo
GetProcAddress
DeleteFileW
DeleteFileA
CreateDirectoryA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
VirtualProtect
TlsAlloc
IsBadWritePtr
GetTickCount
QueryPerformanceCounter
FreeLibrary
GetVersionExW
lstrcmpiA
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
LeaveCriticalSection
GetCurrentThreadId
GetLocaleInfoA
SetEndOfFile
VirtualQuery
GetVersion
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
MulDiv
SetUnhandledExceptionFilter
CreateThread
LoadLibraryExA

oleaut32

SysStringLen
SysAllocStringLen
VariantClear
SysFreeString

ole32

CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance

msvcrt

_exit
exit
_cexit

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 310KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35bfd7f8882f6dc3ec916fd851ab2294

Headers

File Characteristics

Imports

user32

advapi32

gdi32

kernel32

oleaut32

ole32

msvcrt

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 312KB - Virtual size: 310KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 312KB - Virtual size: 310KB

.rsrc
Size: 8KB - Virtual size: 4KB