eaf3ebebfa5ee79a7b3ae2e68e3abd23_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eaf3ebebfa5ee79a7b3ae2e68e3abd23_JaffaCakes118
Size

53KB
MD5

eaf3ebebfa5ee79a7b3ae2e68e3abd23
SHA1

e81cb64a77d09d06146489155c68ad2af624716b
SHA256

cb76ee3401b5c056006e958e4a849db97578f6cc5ac094c3ef95dfd41c56c4c6
SHA512

7e7bb64c40062ee43986402fc8b4204667c7ab6a6221b381beba0edaa289dd6eca091323cdd728831b66d608f9a9e818d0a4b93cf908c31ad2281c8389b4ef75
SSDEEP

1536:BHj7+j6sQfzf+KKwGg/UcMZg86N7JNrKXeSEt7eZ:9AefL+BVwUcMZ2JNrKXYVQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eaf3ebebfa5ee79a7b3ae2e68e3abd23_JaffaCakes118

Files

eaf3ebebfa5ee79a7b3ae2e68e3abd23_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4884ed7d70f5783a366843a2884104b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnableMenuItem
GetWindowThreadProcessId
CheckMenuItem
GetWindowTextW
CreateWindowExW
GetDC
UnhookWinEvent
TranslateMessage
TranslateAcceleratorW
EndDialog
GetFocus
ChildWindowFromPoint
GetForegroundWindow
GetClientRect
DestroyIcon
UpdateWindow
PeekMessageW
GetSystemMenu
SetDlgItemTextW
BeginPaint
OpenClipboard
GetDesktopWindow
MessageBoxW
LoadImageW
SetWindowTextW
SendDlgItemMessageW
DrawFocusRect
GetDlgItemTextW
SetActiveWindow
MapWindowPoints
RegisterWindowMessageA
GetMenuState
InvalidateRect
SetWindowPlacement
GetWindowLongW
SetScrollPos
GetIconInfo
ReleaseCapture
GetDlgItem
SetWindowLongW
ScreenToClient
EnableWindow
UnregisterClassA
CharLowerW
DrawTextExW
IsRectEmpty
IntersectRect
WinHelpW
SetWinEventHook
LoadStringW
ShowWindow
GetMenu
GetSubMenu
SetFocus
GetParent
CharNextW
IsIconic
DestroyMenu
GetScrollInfo
DeleteMenu
LoadCursorW
RegisterClassExW
GetWindowPlacement
PostMessageW
CreateDialogParamW
DefWindowProcW
IsDialogMessageW
RegisterWindowMessageW
IsClipboardFormatAvailable
MessageBeep
CharUpperW
ClientToScreen
ReleaseDC
GetDlgCtrlID
LoadAcceleratorsW
PostQuitMessage
TrackPopupMenu
MoveWindow
DestroyWindow
CloseClipboard
GetMessageW
SendMessageW
GetCursorPos
wsprintfW
GetKeyboardLayout
GetMessagePos
LoadIconW
DispatchMessageW
CallNextHookEx
DialogBoxParamW
SetCursor
GetSystemMetrics

kernel32

ExitProcess
SetLastError
GetProcAddress
WriteFile
CreateFileMappingA
GetDateFormatW
CopyFileW
DeleteCriticalSection
GetUserDefaultLCID
GetVersionExA
UnhandledExceptionFilter
GetUserDefaultUILanguage
InitializeCriticalSection
HeapAlloc
lstrcmpW
GetFileSize
SetEvent
WaitForSingleObject
GetThreadLocale
GetLocalTime
MulDiv
lstrcpyA
lstrcatW
OutputDebugStringA
GetACP
WideCharToMultiByte
GetCommandLineW
LocalFree
LockResource
LoadLibraryA
RtlUnwind
GlobalLock
LocalReAlloc
LCMapStringW
GlobalUnlock
LoadResource
SetFilePointer
FileTimeToSystemTime
FreeEnvironmentStringsA
DuplicateHandle
lstrcpynW
GetVersionExW
GetTimeFormatW
GetFileType
TerminateProcess
CompareStringW
DeleteFileW
GetLastError
UnmapViewOfFile
CreateFileW
GlobalFree
GetFileAttributesW
GetModuleFileNameW
GetStringTypeW
VirtualProtect
QueryPerformanceCounter
LocalAlloc
GetModuleFileNameA
CloseHandle
SetStdHandle
OpenMutexA
LocalLock
VirtualQuery
GetSystemTimeAsFileTime
InterlockedExchange
GetTickCount
ReadFile
lstrcmpiW
CreateFileMappingW
GetStartupInfoA
GetFullPathNameW
SetHandleCount
GetLocaleInfoW
LoadLibraryExW
SetEndOfFile
LCMapStringA
LeaveCriticalSection
GetCurrentProcessId
OpenEventW
GetModuleHandleA
FindClose
GetVersion
ReleaseMutex
GetCommandLineA
WaitForMultipleObjects
MultiByteToWideChar
GetCurrentThreadId
FoldStringW
FindFirstFileW
GetFileInformationByHandle
IsDBCSLeadByte
GetEnvironmentStringsW
MapViewOfFile
HeapFree
lstrlenW
SetUnhandledExceptionFilter
GetStdHandle
FormatMessageW
LocalUnlock
Sleep
FreeResource
GetCurrentProcess
InterlockedCompareExchange
GetConsoleCP
CreateFileA
lstrcpyW
LocalSize

msvcrt

_controlfp
_c_exit
localtime
memset
__setusermatherr
_initterm
time
__p__fmode
memcpy
_exit
iswctype
_vsnwprintf
_wtol
__getmainargs
_vsnprintf
exit
__p__commode
??_V@YAXPAX@Z
_snwprintf
_adjust_fdiv
_cexit
wcsncmp
_purecall
_XcptFilter
wcsncpy
__set_app_type
_acmdln

gdi32

SelectObject
SetMapMode
EnumFontsW
GetTextFaceW
SetWindowExtEx
AbortDoc
StartDocW
DeleteObject
DeleteDC
SetBkMode
LPtoDP
EndDoc
GetStockObject
GetObjectW
EndPage
CreateDCW
SetViewportExtEx
CreateFontIndirectW
GetDeviceCaps
StartPage
GetTextExtentPoint32W
GetTextMetricsW
SetAbortProc
TextOutW

winspool.drv

OpenPrinterW
ClosePrinter
GetPrinterDriverW

comdlg32

GetFileTitleW
ReplaceTextW
PageSetupDlgW
CommDlgExtendedError
ChooseFontW
FindTextW
PrintDlgExW
GetOpenFileNameW
GetSaveFileNameW

advapi32

RegSetValueExW
RegQueryValueExW
RegCloseKey
RegCreateKeyW
RegQueryValueExA
IsTextUnicode
RegOpenKeyExA

comctl32

CreateStatusWindowW

shell32

DragFinish
ShellAboutW
DragAcceptFiles
DragQueryFileW

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4884ed7d70f5783a366843a2884104b3

Headers

File Characteristics

Imports

user32

kernel32

msvcrt

gdi32

winspool.drv

comdlg32

advapi32

comctl32

shell32

Sections

.text Size: 41KB - Virtual size: 40KB

.data Size: 9KB - Virtual size: 41KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 41KB - Virtual size: 40KB

.data
Size: 9KB - Virtual size: 41KB

.rsrc
Size: 2KB - Virtual size: 1KB