ebb0f229a747ce5b25943049b2cc6849_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ebb0f229a747ce5b25943049b2cc6849_JaffaCakes118
Size

263KB
MD5

ebb0f229a747ce5b25943049b2cc6849
SHA1

a66cce34fb901d1d272a697a68f555bc7d975720
SHA256

d8e2e9fea869b0d1a62bc446f588a7bd414b8344720c51d5b09867f43bc59e14
SHA512

2134128edac83249208341bd5766702d44710d80371e3460f39ed3cba5159c6362a80f696795b933a1c3806877ae7a9e10900ce3aa2295378b2d845c8ea88d65
SSDEEP

3072:8nTAOjVdX/zaNt2Kxa6Jv9t8ABbNwlSYwq6qQZ7XdBTmvnR5tg:lAdvzaNtla6l9mABCSYztW7XDmvnpg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ebb0f229a747ce5b25943049b2cc6849_JaffaCakes118

Files

ebb0f229a747ce5b25943049b2cc6849_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8f984daa0e9146f2373026241994fe78

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
GetModuleFileNameA
GetStdHandle
WriteFile
GetCurrentThreadId
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
GetCPInfo
RtlUnwind
RaiseException
GetStartupInfoA
GetCommandLineA
IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LeaveCriticalSection
EnterCriticalSection
HeapFree
GetFileType
GetProcAddress
GetModuleHandleW
CloseHandle
GetPrivateProfileSectionA
GetModuleHandleA
DeviceIoControl
LockResource
InitializeCriticalSectionAndSpinCount
VirtualFree
VirtualAlloc
LocalAlloc
LoadLibraryA
GetPrivateProfileStringA
GlobalFree
GetThreadLocale
lstrcmpiA
SetLastError
GetLastError
SetThreadLocale
HeapReAlloc
SetUnhandledExceptionFilter
SetHandleCount
GetShortPathNameA
IsDBCSLeadByte
MulDiv
HeapCreate
GetFileAttributesA
CreateEventA
Sleep
WideCharToMultiByte
GetDateFormatA
IsBadReadPtr
GetTimeFormatA
WaitForSingleObject
HeapAlloc
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP
GetConsoleMode
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapSize
FlushFileBuffers
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
ReadFile
lstrcpyA
ExitProcess
LocalFree
GetLocaleInfoA
CreateFileA
lstrlenA
InterlockedIncrement

user32

OpenIcon
GetWindowRect
OpenDesktopA
ScreenToClient
RegisterClassExA
GetKeyboardLayoutList
SetScrollInfo
DestroyIcon
DialogBoxParamA
GetDlgItemTextA
GetDlgCtrlID
SendInput
PostQuitMessage
TrackPopupMenu
CheckMenuItem
CopyRect
RegisterClassA
MoveWindow
GetKeyboardLayoutNameA
SetProcessWindowStation
SetTimer
IsIconic
FillRect
GetMenuItemID
KillTimer
DrawTextA
GetSubMenu
DrawIconEx
LoadCursorA
FindWindowA
DestroyMenu
UpdateWindow
MapWindowPoints
CloseWindow
LoadImageA
GetSystemMetrics
ScrollWindowEx
SystemParametersInfoA
CheckRadioButton
DispatchMessageA
CreateWindowExW
GetMessageA
SetCursor
SetForegroundWindow
LoadStringA
GetFocus
GetParent
LoadMenuA
PostMessageA
GetMenuItemCount
keybd_event
DestroyWindow
SetThreadDesktop
GetActiveWindow
IsDlgButtonChecked
FrameRect
GetSysColorBrush
ShowWindow
EnumChildWindows
LoadIconA
wsprintfA
DrawIcon
FindWindowExA
MenuItemFromPoint
EndPaint
GetWindowDC
GetMenuStringA
GetCursorPos
GetSysColor
DefWindowProcA
WindowFromPoint
GetClientRect
CreateMenu
DrawTextExW
SetFocus
SendMessageA
BeginPaint
EnumWindows
GetDC
DrawFocusRect
TranslateMessage
InflateRect
CreateDialogIndirectParamA
SetWindowContextHelpId
GetMenu
OffsetRect
OpenWindowStationA
GetKeyboardLayout
SetRect
SetWindowLongA
GetScrollInfo
MessageBoxA
InvalidateRect
GetWindowLongA
CreateWindowExA
SetScrollPos
GetDCEx
ReleaseDC
GetWindowContextHelpId
GetDlgItem
ScrollWindow

gdi32

SetDIBitsToDevice
FrameRgn
SetTextColor
DeleteDC
GetDeviceCaps
CreateFontIndirectA
GetCurrentObject
SetBkColor
ExcludeClipRect
CreateHalftonePalette
SetBkMode
DeleteObject
SelectObject
SelectClipRgn
CreateCompatibleDC
CreateRectRgnIndirect
CombineRgn
CreateCompatibleBitmap
Rectangle
SaveDC
RealizePalette
SelectPalette
GetDIBColorTable
CreateRectRgn
GetClipBox
GetTextMetricsA
SetTextAlign
GetObjectA
ExtTextOutA
RestoreDC
CreateSolidBrush
TextOutA
BitBlt

comdlg32

PageSetupDlgA
PrintDlgA

advapi32

ConvertSidToStringSidA
CreateWellKnownSid
CloseEventLog
GetNumberOfEventLogRecords
RegOpenKeyExA
OpenEventLogA
ReadEventLogA
RegCloseKey

shell32

ExtractIconExA
Shell_NotifyIconA
SHGetFileInfoA
ShellExecuteExW

ole32

CoGetObject
StringFromGUID2
CoCreateInstance
CoInitialize

psapi

GetModuleFileNameExA

msvfw32

ICGetInfo
ICInfo
ICOpen

avifil32

AVIFileInit
AVIMakeCompressedStream
AVIFileOpenA

winmm

mciSendStringA

iphlpapi

IcmpCreateFile
IcmpCloseHandle

shlwapi

SHDeleteKeyA
SHDeleteKeyW
PathFindFileNameA

comctl32

InitCommonControlsEx
ImageList_GetImageInfo
ImageList_ReplaceIcon
ImageList_LoadImageA
ImageList_GetImageCount
ord17
ImageList_Draw
ImageList_Create

gdiplus

GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipCreateBitmapFromGraphics
GdiplusStartup
GdiplusShutdown
GdipCreatePen1
GdipDisposeImage
GdipCreateFromHDC
GdipDeletePen

opengl32

glMatrixMode
glLoadIdentity

imm32

ImmGetConversionStatus
ImmGetContext
ImmReleaseContext
ImmGetProperty

xmllite

CreateXmlReader

setupapi

CM_Get_DevNode_Registry_PropertyA

wtsapi32

WTSFreeMemory
WTSEnumerateProcessesA

uxtheme

CloseThemeData
OpenThemeData
DrawThemeBackground
GetThemeSysColor

authz

AuthzInitializeContextFromSid
AuthzFreeContext
AuthzFreeResourceManager
AuthzInitializeResourceManager

tapi32

phoneGetData

wldap32

ord16
ord13
ord143
ord211

Sections

.text
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f984daa0e9146f2373026241994fe78

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

psapi

msvfw32

avifil32

winmm

iphlpapi

shlwapi

comctl32

gdiplus

opengl32

imm32

xmllite

setupapi

wtsapi32

uxtheme

authz

tapi32

wldap32

Sections

.text Size: 151KB - Virtual size: 151KB

.rdata Size: 45KB - Virtual size: 45KB

.data Size: 6KB - Virtual size: 13KB

.rsrc Size: 59KB - Virtual size: 58KB

.text
Size: 151KB - Virtual size: 151KB

.rdata
Size: 45KB - Virtual size: 45KB

.data
Size: 6KB - Virtual size: 13KB

.rsrc
Size: 59KB - Virtual size: 58KB