eb2e16d7f4e3fbb66a147c7626a13637_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

eb2e16d7f4e3fbb66a147c7626a13637_JaffaCakes118
Size

588KB
MD5

eb2e16d7f4e3fbb66a147c7626a13637
SHA1

fc4670d064a8ac8ca026c3b86e621b3266146c9b
SHA256

d0652092a4ebfdd5bab03a77fdd6a44b420d0eda23aa7e3bdd392b7956a0d1a3
SHA512

804bf653b68336319b5a0c0c2994be19fb0b913b8a94aae69968ba62d2050df110f932de50970bfd2623ba5e662cf767df22007ace72bebd48d4861766792381
SSDEEP

12288:geRfOKoo4KLAlxIF6Vg67vwdx61De8wASiIu:9RWhonA7IwqMnU3Hih

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb2e16d7f4e3fbb66a147c7626a13637_JaffaCakes118

Files

eb2e16d7f4e3fbb66a147c7626a13637_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4ecad167b427c4d7065d9c8af3769d83

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumSystemLocalesA
GetCurrentThreadId
GetLocaleInfoW
SetUnhandledExceptionFilter
HeapSize
GetCurrentDirectoryA
GetLocaleInfoA
lstrcmpW
GetConsoleOutputCP
FreeLibrary
CreateFileMappingA
TlsSetValue
VirtualProtectEx
CompareStringA
InterlockedDecrement
LoadLibraryA
ReadFile
ExitProcess
TlsAlloc
SetEnvironmentVariableA
EnterCriticalSection
LCMapStringW
GetCurrentProcess
VirtualFree
UnhandledExceptionFilter
GetCommandLineA
IsValidCodePage
HeapDestroy
GetTimeZoneInformation
GetCurrentThread
SetVolumeLabelA
FindResourceW
CreateFileA
GetProcessHeap
InterlockedExchange
RtlUnwind
FlushFileBuffers
GetTickCount
UnlockFileEx
LCMapStringA
HeapFree
FreeEnvironmentStringsA
CreateSemaphoreA
GetCPInfo
GetEnvironmentStrings
CloseHandle
OpenMutexA
GetDateFormatA
LeaveCriticalSection
QueryPerformanceCounter
GetModuleHandleA
GetSystemTimeAsFileTime
GetStartupInfoA
GetUserDefaultLCID
GetTimeFormatA
GetProcAddress
TerminateProcess
HeapAlloc
GetLastError
GetACP
Sleep
FreeEnvironmentStringsW
GetPrivateProfileSectionW
HeapReAlloc
VirtualQuery
TlsFree
SetHandleCount
WideCharToMultiByte
SetConsoleCtrlHandler
GetStringTypeW
MultiByteToWideChar
SetFilePointer
GetModuleFileNameW
GetStdHandle
SetConsoleTitleA
HeapCreate
TlsGetValue
CreateMutexA
IsValidLocale
GetConsoleCP
SleepEx
SetStdHandle
GetStringTypeA
VirtualAlloc
CompareStringW
GetVersionExA
FindAtomW
GetProcAddress
EnumResourceLanguagesA
GetFileType
InitializeCriticalSection
DeleteCriticalSection
WriteConsoleW
InterlockedIncrement
GetOEMCP
GetStartupInfoW
WriteFile
GetCurrentProcessId
WriteConsoleA
GetCommandLineW
IsDebuggerPresent
GetModuleFileNameA
CreateEventW
GetEnvironmentStringsW
SetLastError
GetConsoleMode

shell32

ExtractAssociatedIconExA
SHUpdateRecycleBinIcon

gdi32

GdiPlayJournal
GetObjectW
DeleteDC
DeleteObject
GetDeviceCaps
CreateDCA

advapi32

RegSaveKeyW
RegSetKeySecurity
CryptAcquireContextA
RegEnumKeyW
CryptContextAddRef
CryptEnumProviderTypesA
RegDeleteKeyA
RegEnumKeyExA
RegOpenKeyExW
RegSetValueExA
CryptGetDefaultProviderW
CryptEncrypt
CryptSetKeyParam
GetUserNameA
CryptGetHashParam
RegSaveKeyA
CryptVerifySignatureA
RevertToSelf

user32

DefWindowProcW
GetSubMenu
GetKeyboardType
ShowWindow
RegisterClassA
TranslateAcceleratorW
GetActiveWindow
InSendMessage
MessageBoxW
DestroyWindow
CreateWindowExA
DialogBoxIndirectParamA
IsZoomed
GetUserObjectSecurity
EnableWindow
MapWindowPoints
GetWindowContextHelpId
WINNLSGetEnableStatus
GetSystemMenu
GetMenuCheckMarkDimensions
RegisterClassExA
GetKeyboardLayoutList

comdlg32

ReplaceTextW
GetSaveFileNameW
PrintDlgA

comctl32

ImageList_Remove
InitCommonControlsEx
ImageList_Create

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ecad167b427c4d7065d9c8af3769d83

Headers

File Characteristics

Imports

kernel32

shell32

gdi32

advapi32

user32

comdlg32

comctl32

Sections

.text Size: 192KB - Virtual size: 191KB

.rdata Size: 260KB - Virtual size: 258KB

.data Size: 120KB - Virtual size: 132KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 192KB - Virtual size: 191KB

.rdata
Size: 260KB - Virtual size: 258KB

.data
Size: 120KB - Virtual size: 132KB

.rsrc
Size: 12KB - Virtual size: 11KB