eacf13aabbf9473de62828db64359853_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

eacf13aabbf9473de62828db64359853_JaffaCakes118
Size

380KB
MD5

eacf13aabbf9473de62828db64359853
SHA1

75a70d8e5c173296b4eb88facdf59d613b7dcf59
SHA256

03406aebe1800a29c52951ef07721a4b202f269065603cbc625c78c294642c7a
SHA512

79a74ec05dfff36f59e459a0bcde8f4a5e73750b871655b387ed2ca3353b3cabee8f54b8ab26be5941201694a753fe468cb9aefad082b9cc5895e89001fc557e
SSDEEP

6144:AFCgDXsj8wOwEBKgUtnSbaIB53ZYOd/C/R5xR+nusfon:AFCgDXW7gUpSv9/y3kuC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eacf13aabbf9473de62828db64359853_JaffaCakes118

Files

eacf13aabbf9473de62828db64359853_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4d789015254a1e088b3763845a514caa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\sql.pdb

Imports

kernel32

ReleaseMutex
WriteFile
GetStartupInfoA
CreateDirectoryW
HeapReAlloc
GetFullPathNameA
GetEnvironmentStrings
OutputDebugStringA
CompareStringA
GetLastError
GetThreadTimes
GetProfileSectionW
GetTimeFormatA
GetCommandLineA
TlsAlloc
ReadConsoleOutputCharacterW
OpenMutexA
SetConsoleTitleW
SetHandleCount
GetVersionExW
HeapAlloc
LoadLibraryA
OpenWaitableTimerA
LeaveCriticalSection
PulseEvent
GetNumberFormatA
GetCurrentThread
ReadFile
EnumSystemLocalesA
GetCurrentProcessId
SetFilePointer
GetUserDefaultLCID
CreateFileA
GetLogicalDrives
GetConsoleTitleA
TlsGetValue
GetSystemInfo
GetCPInfo
RtlUnwind
VirtualAlloc
GetLocaleInfoW
GetNumberFormatW
VirtualFreeEx
GetCurrentProcess
FreeEnvironmentStringsW
InterlockedIncrement
GetCurrentThreadId
GetThreadLocale
MultiByteToWideChar
SetConsoleOutputCP
LCMapStringA
IsDebuggerPresent
GetMailslotInfo
WaitForDebugEvent
Sleep
IsValidCodePage
GetPrivateProfileStringW
WriteConsoleW
LocalAlloc
DeleteAtom
QueryPerformanceCounter
WriteConsoleA
ReadConsoleInputA
GetModuleFileNameA
GetOEMCP
OpenFileMappingA
DeleteCriticalSection
VirtualFree
GetDriveTypeA
VirtualLock
CreateMutexA
LocalFlags
LCMapStringW
GetStdHandle
GetConsoleMode
SetLastError
SetConsoleCtrlHandler
GetProcAddress
lstrcmpi
FindAtomW
GetLocaleInfoA
GetLogicalDriveStringsA
SetCurrentDirectoryA
IsValidLocale
GetConsoleCP
UnlockFile
GetTimeZoneInformation
CreateSemaphoreA
InterlockedExchange
InterlockedDecrement
GetFileType
TlsSetValue
OpenSemaphoreW
GetModuleHandleA
FileTimeToLocalFileTime
LoadLibraryExW
VirtualProtectEx
GetVersionExA
CloseHandle
VirtualQuery
FreeEnvironmentStringsA
GetDateFormatA
GetTempFileNameA
SetUnhandledExceptionFilter
FreeLibrary
WriteConsoleInputW
CompareStringW
GetSystemTimeAsFileTime
DeleteFileW
HeapFree
GetConsoleOutputCP
TerminateProcess
UnhandledExceptionFilter
GetEnvironmentVariableW
CreateProcessA
GetWindowsDirectoryA
GetEnvironmentStringsW
GetStringTypeW
HeapDestroy
ReadConsoleW
HeapCreate
FillConsoleOutputCharacterW
WritePrivateProfileStringW
GetProcessHeap
LocalSize
SetStdHandle
GetExitCodeProcess
GetStringTypeA
lstrcpynA
GetACP
EnterCriticalSection
SetLocalTime
InitializeCriticalSection
FlushFileBuffers
GetTickCount
HeapSize
WideCharToMultiByte
SetEnvironmentVariableA
TlsFree
ExitProcess
GlobalFree

comctl32

ImageList_EndDrag
InitCommonControlsEx
ImageList_Read
ImageList_LoadImage
ImageList_GetImageRect

user32

EnumDisplaySettingsExA
ShowWindow
RegisterClassA
ShowOwnedPopups
RegisterClassExA
DestroyWindow
DrawTextExA
DefWindowProcW
DialogBoxIndirectParamW
OpenIcon
CloseWindowStation
CascadeWindows
MessageBoxW
DrawFocusRect
SetMenuContextHelpId
BroadcastSystemMessageW
GetWindowThreadProcessId
CreateWindowExW
OpenClipboard
SetShellWindow
SendDlgItemMessageA
LoadBitmapW
GetActiveWindow
CreateDialogParamW

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d789015254a1e088b3763845a514caa

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

user32

Sections

.text Size: 136KB - Virtual size: 135KB

.rdata Size: 104KB - Virtual size: 101KB

.data Size: 96KB - Virtual size: 102KB

.rsrc Size: 40KB - Virtual size: 36KB

.text
Size: 136KB - Virtual size: 135KB

.rdata
Size: 104KB - Virtual size: 101KB

.data
Size: 96KB - Virtual size: 102KB

.rsrc
Size: 40KB - Virtual size: 36KB