ea9b242774d24e235cdcb7e54beafe7c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ea9b242774d24e235cdcb7e54beafe7c_JaffaCakes118
Size

387KB
MD5

ea9b242774d24e235cdcb7e54beafe7c
SHA1

64e0a1e798d519526e79493dc0ecf89121d23959
SHA256

ba0d5d5eda8b9a940785414689be0e71742feb00d61d50ad6925bdf60a17cb7c
SHA512

173cca8643c45266ade49c4274517ef31bc14c9db9c39811e2d9a0a9baf89f9159ca5bfcc07aa6d08db294025e225eef212f8ffe8c7e1753fe3d699a83b24f62
SSDEEP

6144:WZ5Zbi6/yYfF+pP3bNcQrKEgp0zU1RQ47OWfvabZOsk5:63iePiPLNcQrzicCv6+vabZOsk5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea9b242774d24e235cdcb7e54beafe7c_JaffaCakes118

Files

ea9b242774d24e235cdcb7e54beafe7c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

12a0407b6d8ea41e6cf571254c861434

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

X:\nata\ten\ten\release\ten.pdb

Imports

kernel32

IsValidCodePage
GetOEMCP
GetACP
VirtualQuery
HeapSize
InitializeCriticalSectionAndSpinCount
GetModuleFileNameA
SetFilePointer
ReadFile
FlushFileBuffers
GetConsoleMode
GetConsoleCP
WriteFile
GetFileType
GetStdHandle
SetHandleCount
VirtualFree
HeapCreate
GetCurrentThreadId
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetLastError
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetLocaleInfoW
CreateFileA
SetEndOfFile
GetProcessHeap
CreateToolhelp32Snapshot
VirtualAlloc
GetProcAddress
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
lstrcpyW
CreateFileW
GetModuleHandleA
LoadLibraryA
CloseHandle
GetModuleFileNameW
HeapReAlloc
GetCPInfo
LCMapStringW
LCMapStringA
GetStartupInfoA
GetCommandLineA
HeapAlloc
ExitProcess
GetModuleHandleW
RtlUnwind
HeapFree
SetConsoleScreenBufferSize
GetTempPathW
GetCompressedFileSizeW
WideCharToMultiByte
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetLocalTime
GetTimeZoneInformation
TzSpecificLocalTimeToSystemTime
GetLastError
SystemTimeToFileTime
CompareFileTime
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
Sleep
MultiByteToWideChar
InterlockedExchange
InterlockedDecrement
InterlockedIncrement

user32

EnumDisplayMonitors
LoadIconA
LoadCursorA
RegisterClassExA
FillRect
InvalidateRect
DefWindowProcA
SetMenu
AppendMenuA
CreateMenu
PostQuitMessage
EndPaint
GetClientRect
CreateWindowExA
TrackPopupMenuEx
GetDC
DispatchMessageA
TranslateMessage
GetMessageA
GetFocus
DialogBoxParamA
DrawFocusRect
GetKeyState
SetFocus
GetCursorPos
BeginPaint
GetSysColor
RegisterWindowMessageA
MessageBoxW
DestroyWindow
GetSystemMenu
InsertMenuA
GetIconInfo
LoadBitmapA
GetParent
PostMessageA
SendMessageA
SystemParametersInfoA
GetDlgItem
PtInRect
ReleaseDC
ShowWindow

gdi32

LineTo
CreatePen
SetBkColor
TextOutA
CreateEllipticRgn
GetMapMode
SetMapMode
GetTextMetricsW
SetViewportOrgEx
SelectClipRgn
CreateCompatibleDC
BeginPath
BitBlt
CreateFontIndirectA
GetStockObject
GetObjectA
GetTextColor
SetTextColor
GdiGradientFill
DeleteObject
CreateSolidBrush
SelectObject
Rectangle
MoveToEx
SetPixel

winspool.drv

OpenPrinterW

comdlg32

ChooseColorA

advapi32

IsValidSecurityDescriptor

ole32

CreateAntiMoniker

crypt32

CertGetNameStringA

iphlpapi

GetAdaptersInfo

shlwapi

StrStrIW
PathRemoveFileSpecW
StrChrW

comctl32

ord17
CreateToolbarEx

pdh

PdhOpenQueryA

rpcrt4

UuidCreate
UuidToStringA

winhttp

WinHttpQueryDataAvailable
WinHttpReceiveResponse
WinHttpQueryHeaders
WinHttpSendRequest
WinHttpReadData

traffic

TcEnumerateInterfaces
TcDeregisterClient

Sections

.text
Size: 202KB - Virtual size: 201KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12a0407b6d8ea41e6cf571254c861434

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

ole32

crypt32

iphlpapi

shlwapi

comctl32

pdh

rpcrt4

winhttp

traffic

Sections

.text Size: 202KB - Virtual size: 201KB

.rdata Size: 30KB - Virtual size: 29KB

.data Size: 7KB - Virtual size: 18KB

.rsrc Size: 147KB - Virtual size: 147KB

.text
Size: 202KB - Virtual size: 201KB

.rdata
Size: 30KB - Virtual size: 29KB

.data
Size: 7KB - Virtual size: 18KB

.rsrc
Size: 147KB - Virtual size: 147KB