ea7c37f8e18a0fd9aa5aa5d9f51c4504_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ea7c37f8e18a0fd9aa5aa5d9f51c4504_JaffaCakes118
Size

608KB
MD5

ea7c37f8e18a0fd9aa5aa5d9f51c4504
SHA1

e951f9cf78b967a1f51d43acdeedb902f86dd80e
SHA256

b5f60823265ac2d9fa6c5cc705bd608c600fbedd44dde56424fed57647388f40
SHA512

5d93e05e65d9683696e5d14009d80c881f621ed1afbe064a37c8a369337faef2c33909d793ec613f28a8ab374f4bab64d6a3464769a3e93984fa72db181b0084
SSDEEP

12288:ms1hiCSTn+fNgqq/8iAdqtDcRCEBiH/qNYZMTo+FWg++h06:Bh3ST+FzXldeD+6SCkdFWz+y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea7c37f8e18a0fd9aa5aa5d9f51c4504_JaffaCakes118

Files

ea7c37f8e18a0fd9aa5aa5d9f51c4504_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8ca93fb7af4b6e00a31e9c6cede64050

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\ef

Imports

wininet

UnlockUrlCacheEntryFileA

comdlg32

PrintDlgA
PageSetupDlgA
PageSetupDlgW
GetOpenFileNameA

kernel32

OpenMutexA
LoadLibraryA
GetCommandLineA
GetCurrentProcessId
InterlockedDecrement
GetCurrentProcess
ReadConsoleOutputAttribute
GetProcAddress
LCMapStringA
GetSystemTimeAsFileTime
SetEnvironmentVariableA
SetHandleCount
HeapReAlloc
IsBadWritePtr
GetFileType
GetModuleHandleA
VirtualAlloc
HeapCreate
EnterCriticalSection
TlsGetValue
TlsAlloc
GetCurrentThreadId
HeapDestroy
TerminateProcess
InterlockedExchange
OpenFileMappingA
WideCharToMultiByte
LCMapStringW
GetStringTypeA
CompareFileTime
SetLastError
GetStartupInfoW
VirtualUnlock
GetSystemTime
CompareStringW
UnlockFileEx
GetCommandLineW
GetVersion
HeapAlloc
FreeEnvironmentStringsA
WriteFile
ReadConsoleOutputA
TlsSetValue
RtlUnwind
GetModuleFileNameW
EnumResourceNamesA
GetStdHandle
IsBadReadPtr
QueryPerformanceCounter
HeapFree
FlushFileBuffers
TlsFree
GetModuleFileNameA
WritePrivateProfileSectionW
CloseHandle
ExitProcess
UnhandledExceptionFilter
FreeEnvironmentStringsW
LeaveCriticalSection
CreateMutexA
GetLocalTime
GetStartupInfoA
GetCPInfo
GlobalReAlloc
InterlockedIncrement
VirtualFree
GetTimeZoneInformation
GetProfileStringW
GetStringTypeW
InitializeCriticalSection
ReadFile
CompareStringA
GetTickCount
FlushViewOfFile
FindResourceW
SetStdHandle
DeleteCriticalSection
IsValidCodePage
GetEnvironmentStrings
GetLastError
GetCurrentThread
SetFilePointer
VirtualQuery
MultiByteToWideChar
GetEnvironmentStringsW

shell32

ExtractIconExW

advapi32

LookupPrivilegeValueW
LookupSecurityDescriptorPartsA
RegOpenKeyExA
LookupAccountSidA
CryptDuplicateHash
CryptSetProviderExW
CryptContextAddRef
CryptHashSessionKey
CryptExportKey

comctl32

GetEffectiveClientRect
ImageList_LoadImageA
ImageList_DragShowNolock
ImageList_SetImageCount
CreateStatusWindow
ImageList_Replace
ImageList_SetIconSize
ImageList_SetFlags
CreatePropertySheetPageA
DrawStatusTextW
ImageList_Draw
ImageList_GetBkColor
DrawStatusText
CreateToolbarEx
ImageList_Read
InitCommonControlsEx

user32

GetWindowTextW
DdeKeepStringHandle
SetCursor
GetClipboardOwner
BringWindowToTop
EnumPropsExA
MessageBoxExA
CreateWindowExW
DrawMenuBar
OpenClipboard
SetCursorPos
SwitchDesktop
SetMenuInfo
DdeSetQualityOfService
GetPriorityClipboardFormat
CloseClipboard
GrayStringA
IsCharUpperA
WINNLSEnableIME
DestroyWindow
DlgDirListComboBoxW
DdeGetLastError
DefDlgProcA
CopyImage
GetPropW
UnpackDDElParam
GetWindowModuleFileNameW
GetClassLongA
UnregisterClassW
CheckRadioButton
RemoveMenu
BlockInput
DefWindowProcW
InsertMenuW
IsIconic
ScrollDC
SetMenuItemInfoA
EqualRect
GetTabbedTextExtentA
TileChildWindows
DefFrameProcW
PostThreadMessageA
GetSysColorBrush
VkKeyScanW
GetTitleBarInfo
SetRectEmpty
SetPropW
SetClipboardData
IsCharLowerW
CharLowerW
GetWindowPlacement
IsDialogMessageW
RegisterClassA
SendIMEMessageExW
DrawTextA
FindWindowExW
DrawStateA
ShowWindow
ToAscii
GetDesktopWindow
MessageBoxA
GetKeyboardLayoutList
GetDoubleClickTime
GetKBCodePage
LoadBitmapA
RegisterWindowMessageW
RegisterClassExA

Sections

.text
Size: 220KB - Virtual size: 217KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ca93fb7af4b6e00a31e9c6cede64050

Headers

File Characteristics

PDB Paths

Imports

wininet

comdlg32

kernel32

shell32

advapi32

comctl32

user32

Sections

.text Size: 220KB - Virtual size: 217KB

.rdata Size: 248KB - Virtual size: 244KB

.data Size: 112KB - Virtual size: 122KB

.rsrc Size: 24KB - Virtual size: 20KB

.text
Size: 220KB - Virtual size: 217KB

.rdata
Size: 248KB - Virtual size: 244KB

.data
Size: 112KB - Virtual size: 122KB

.rsrc
Size: 24KB - Virtual size: 20KB