e9fe4d2fed5ad8b6ab2e7a8cfe9cfb0a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e9fe4d2fed5ad8b6ab2e7a8cfe9cfb0a_JaffaCakes118
Size

96KB
MD5

e9fe4d2fed5ad8b6ab2e7a8cfe9cfb0a
SHA1

5009ef5dfa51ddc95af94a7ac59cc4723d860c84
SHA256

c80b7c679a38accf75b79fb41538c8bbfcfa664ab21699b1d7b3e24e1a8d1a8d
SHA512

bd3358f5ced77f2e8af0be825eabce15802efa37d80147932edd61e14d68eb9108333a05713b17be5d9c5a62981223d1a10f76ac7b9c1d360c663854944f9331
SSDEEP

1536:8Uc8PZQ0NLyTST6RGFohj3zjfvLHCky6aZm0r8RQjwBp7msPqTF:y0QHT060G93zjfvLHdypm0ARQEBp7m3F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9fe4d2fed5ad8b6ab2e7a8cfe9cfb0a_JaffaCakes118

Files

e9fe4d2fed5ad8b6ab2e7a8cfe9cfb0a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

57f73824000da3e0a03acf8e57dcabc7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

odbc32

ord9
ord141
ord31
ord75
ord111
ord24

mpr

WNetCancelConnection2W

comctl32

InitCommonControlsEx

kernel32

SetFilePointer
WriteFile
GetFileSize
CreateFileW
lstrcpyW
OutputDebugStringW
FlushFileBuffers
lstrlenW
lstrcmpW
lstrcmpiW
lstrcatW
GetLastError
DeleteFileW
GetModuleHandleA
GetStartupInfoA
GetTempFileNameW
CopyFileW
GetFileAttributesW
GetTempPathW
GetProcAddress
LoadLibraryW
FreeLibrary
GetComputerNameW
HeapReAlloc
LocalFree
LocalAlloc
ReadProcessMemory
OpenProcess
EnterCriticalSection
SetFileAttributesW
SetLastError
RemoveDirectoryW
CreateProcessW
GetPrivateProfileIntW
WritePrivateProfileStringW
WinExec
GetShortPathNameW
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalFree
GetCommandLineW
CreateThread
FindResourceW
LoadResource
LockResource
GetModuleFileNameW
lstrcpynW
GetDiskFreeSpaceExW
HeapAlloc
Sleep
GetExitCodeThread
CloseHandle
GetVersionExA
GetProcessHeap
HeapFree
GetCurrentProcess
MoveFileExW
CreateDirectoryW

user32

SystemParametersInfoW
MessageBoxA
LoadStringA
MessageBoxW
UpdateWindow
ShowWindow
LoadStringW
SendMessageW
wsprintfW
SetWindowTextW
CreateDialogParamW
LoadIconW
DefWindowProcW
EndDialog
PostQuitMessage
DispatchMessageW
TranslateMessage
GetMessageW
DestroyWindow
SetWindowPos
GetSystemMetrics
GetWindowRect
CharLowerBuffW
SendMessageTimeoutW
DialogBoxParamW
RegisterClassExW
LoadCursorW
GetDlgItem

gdi32

CreateFontIndirectW
DeleteObject

advapi32

RegDeleteKeyW
RegEnumKeyExW
RegCreateKeyExW
QueryServiceConfigW
ChangeServiceConfigW
StartServiceW
RegOpenKeyExW
EnumDependentServicesW
RegCloseKey
OpenServiceW
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
RegSaveKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
ControlService
RegRestoreKeyW
RegConnectRegistryW
CloseServiceHandle
CreateServiceW
OpenSCManagerW
QueryServiceStatus
DeleteService

shell32

SHChangeNotify
CommandLineToArgvW

ole32

CoCreateInstance
CoUninitialize
CoInitialize
CoCreateGuid
StringFromGUID2

msvcrt

__p__commode
__set_app_type
__p__fmode
_wstrdate
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
?terminate@@YAXXZ
_except_handler3
_ltow
_wcslwr
wcsstr
_wcsnicmp
_wtoi
__dllonexit
_wstrtime
_vsnwprintf
wcsrchr
__CxxFrameHandler
??2@YAPAXI@Z
??3@YAXPAX@Z
_controlfp
_onexit

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

57f73824000da3e0a03acf8e57dcabc7

Headers

File Characteristics

Imports

odbc32

mpr

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

msvcrt

Sections

.text Size: 48KB - Virtual size: 46KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 12KB

.rsrc Size: 20KB - Virtual size: 16KB

.text Size: 12KB - Virtual size: 9KB

.text
Size: 48KB - Virtual size: 46KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 12KB

.rsrc
Size: 20KB - Virtual size: 16KB

.text
Size: 12KB - Virtual size: 9KB