e4f09c0fe74958f99bacbbee1ad95935_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e4f09c0fe74958f99bacbbee1ad95935_JaffaCakes118
Size

475KB
MD5

e4f09c0fe74958f99bacbbee1ad95935
SHA1

baedcded81916113a3af1f9ca18bd42272897d68
SHA256

2e0997482c43dd1fcc291a7e66bcfadcba3573a4befe1f0ec17122d453ddcebd
SHA512

a61ccca7e28d7405f30622dc75aa215f16cd67db12397c49bad70f2bb9674545261d95984e60f8b80e0c5bd6d2d00ce1f61804ac8bf85321302839e179843419
SSDEEP

6144:by1IA6z8De5YLU62thTHBl1Wm5lAxGqxFkkELeNgRkQdfFyDFvDLt1iiiiL8CVmR:biIA6gehThl1YxGIULeqR58RDtMsY5r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e4f09c0fe74958f99bacbbee1ad95935_JaffaCakes118

Files

e4f09c0fe74958f99bacbbee1ad95935_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a824715064d9ae8d2c915b2f7a2ebf62

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\\Release\twoMethods.pdb

Imports

kernel32

HeapFree
HeapAlloc
CreateThread
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetStdHandle
GetFileType
GetCommandLineA
GetStartupInfoA
RtlUnwind
Sleep
ExitProcess
HeapReAlloc
HeapSize
HeapCreate
VirtualFree
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetACP
IsValidCodePage
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
SetErrorMode
GetModuleHandleW
GetOEMCP
GetCPInfo
SetEndOfFile
SetFilePointer
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
WritePrivateProfileStringA
GlobalFlags
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
GetModuleFileNameW
GlobalUnlock
GlobalFree
FreeResource
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
GlobalAddAtomA
GetCurrentProcessId
SetLastError
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
LoadLibraryA
FindResourceA
LoadResource
LockResource
SizeofResource
InterlockedExchange
GlobalLock
lstrcmpA
FreeLibrary
GetProcAddress
lstrcpyA
LocalFree
OpenFileMappingA
CloseHandle
CompareStringA
GetModuleHandleA
CreateIoCompletionPort
WaitForMultipleObjects
SetNamedPipeHandleState
CreateEventW
LocalAlloc
CreateNamedPipeA
VirtualAlloc
GetLastError
GetLogicalDriveStringsA
GetStdHandle
FlushFileBuffers
DisconnectNamedPipe
SetConsoleTitleA
GetTimeZoneInformation
ReadFile
MulDiv
CreateEventA
GlobalAlloc
GetPriorityClass
WriteFile
ConnectNamedPipe
WaitForSingleObject
WaitNamedPipeA
InterlockedDecrement
MapViewOfFile
lstrlenA
CreateFileA
FlushInstructionCache
GetCurrentProcess
RaiseException
ExitThread
GetVersion
DeleteCriticalSection
EnterCriticalSection
MultiByteToWideChar
LeaveCriticalSection
WideCharToMultiByte
InterlockedCompareExchange
SetHandleCount
InitializeCriticalSection

user32

SystemParametersInfoA
GetWindowPlacement
UnhookWindowsHookEx
GetSysColor
ReleaseDC
ClientToScreen
GrayStringA
DrawTextExA
TabbedTextOutA
GetWindowTextA
SetFocus
GetDesktopWindow
CreateDialogIndirectParamA
DestroyWindow
GetNextDlgTabItem
SetWindowsHookExA
CallNextHookEx
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
PeekMessageA
ValidateRect
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
MessageBoxA
SetCursor
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
ModifyMenuA
GetMenuState
CheckMenuItem
EndPaint
GetMessageA
GetSystemMenu
GetWindowRect
SetActiveWindow
TrackPopupMenu
GetWindowDC
FillRect
DrawTextA
GetKeyState
GetSubMenu
DrawIconEx
DeleteMenu
GetDlgCtrlID
LoadMenuA
FindWindowExA
BeginPaint
wsprintfW
GetScrollRange
GetDC
InflateRect
RegisterClassExW
OffsetRect
SetRect
InvalidateRect
TileWindows
CreateWindowExA
EnableMenuItem
EmptyClipboard
EndDialog
SetWindowPos
GetCursorPos
LoadAcceleratorsA
ShowWindow
GetSysColorBrush
DrawMenuBar
SetMenuDefaultItem
OpenClipboard
SetWindowTextA
MapWindowPoints
DestroyMenu
LoadCursorA
DialogBoxParamA
DrawFrameControl
GetDialogBaseUnits
GetTopWindow
GetParent
SendDlgItemMessageA
PtInRect
RegisterWindowMessageA
SetWindowLongA
GetDlgItem
DefWindowProcA
IsWindow
CallWindowProcA
GetWindow
IsIconic
LoadIconA
DrawIcon
GetClientRect
GetWindowLongA
GetSystemMetrics
EnableWindow
SetTimer
KillTimer
SendMessageA
CopyImage
SendMessageW
PostMessageA
UnregisterClassA
wsprintfA
GetCaretPos
GetScrollInfo
IsDialogMessageA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetMessageTime
GetMessagePos
SetMenu
SetForegroundWindow
UpdateWindow
GetMenuItemID
GetMenuItemCount
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
LoadBitmapA
CopyRect
GetMenu

gdi32

SetMapMode
GetClipBox
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SaveDC
GetDeviceCaps
SetBkColor
PatBlt
RestoreDC
GetTextExtentPoint32A
LineTo
SetTextColor
DeleteDC
CreateFontA
CreateFontIndirectA
GetDIBits
GetCurrentObject
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
Rectangle
CreatePen
GetObjectA
MoveToEx
CreateBitmap
BitBlt
ScaleViewportExtEx
GetStockObject

comdlg32

GetOpenFileNameA
PrintDlgExA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegOpenKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
ConvertStringSidToSidA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
LookupAccountNameA

shell32

SHQueryRecycleBinA
SHEmptyRecycleBinA
ExtractIconExA

comctl32

ImageList_Create

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantInit
VariantChangeType
VariantClear

avicap32

capGetDriverDescriptionA

msacm32

acmFormatEnumA
acmMetrics

rpcrt4

RpcServerListen
RpcServerUseProtseqEpA
RpcMgmtWaitServerListen

oleacc

CreateStdAccessibleObject
LresultFromObject

wtsapi32

WTSQuerySessionInformationA

uxtheme

OpenThemeData
IsThemeBackgroundPartiallyTransparent
DrawThemeBackground
CloseThemeData
DrawThemeParentBackground
DrawThemeText

authz

AuthzInitializeContextFromSid

ntdsapi

DsReplicaGetInfoW

tapi32

lineGetLineDevStatus

Sections

.text
Size: 257KB - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 145KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a824715064d9ae8d2c915b2f7a2ebf62

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oleaut32

avicap32

msacm32

rpcrt4

oleacc

wtsapi32

uxtheme

authz

ntdsapi

tapi32

Sections

.text Size: 257KB - Virtual size: 256KB

.rdata Size: 61KB - Virtual size: 61KB

.data Size: 10KB - Virtual size: 25KB

.rsrc Size: 145KB - Virtual size: 301KB

.text
Size: 257KB - Virtual size: 256KB

.rdata
Size: 61KB - Virtual size: 61KB

.data
Size: 10KB - Virtual size: 25KB

.rsrc
Size: 145KB - Virtual size: 301KB