ebf0005fc884ba24cc3f55af282b8516_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ebf0005fc884ba24cc3f55af282b8516_JaffaCakes118
Size

501KB
MD5

ebf0005fc884ba24cc3f55af282b8516
SHA1

df914f29cded5938b1c6ed919b67c18ee2d9dd52
SHA256

9c8fb02bfccda4f04c0d3d23954c1ee4a9a10f738ad7c3c5fa4596ba165fcfad
SHA512

c24a7bd07d7cd6097f76ff6bb685a5e33425519ec0ec42ffbf35cb60ea2618dd73f6962fbdf480acc4ca41c9540d5b9a73840669c294c26352a5ae37ea0cdbcb
SSDEEP

12288:FALqI/4/JAkKOaMF32Aa62Kt6Jx3NmK9z/gcIRcTP:mLqe4SFOai2tns

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ebf0005fc884ba24cc3f55af282b8516_JaffaCakes118

Files

ebf0005fc884ba24cc3f55af282b8516_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f44933f674170587bbefc02de6db7aea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

comdlg32

GetOpenFileNameA
ChooseColorW
LoadAlterBitmap

user32

SetTimer
GetCaretPos
GetProcessDefaultLayout
GetWindowThreadProcessId
GetShellWindow
IsCharLowerA
RegisterClassA
DrawFocusRect
GetClassLongW
MapVirtualKeyExA
LoadCursorFromFileA
UnpackDDElParam
GetTabbedTextExtentA
DlgDirSelectExA
GetWindowTextLengthA
SetShellWindow
CreateIcon
DdeKeepStringHandle
FrameRect
EnumDisplaySettingsExW
DdeAbandonTransaction
GetDlgCtrlID
RegisterClassExA
SendMessageA
ClipCursor
PeekMessageW
TabbedTextOutA

kernel32

GetModuleFileNameW
OutputDebugStringW
LoadLibraryA
FlushFileBuffers
SetConsoleCtrlHandler
MoveFileA
GetEnvironmentStrings
GetConsoleOutputCP
UnhandledExceptionFilter
GetStartupInfoW
GetConsoleCP
LCMapStringA
GetLocaleInfoA
EnumSystemLocalesA
FreeEnvironmentStringsW
GetACP
GetTickCount
SetStdHandle
GetModuleFileNameA
HeapFree
WriteConsoleW
TlsGetValue
GetModuleHandleA
lstrlenA
lstrcmp
HeapCreate
GetCurrentProcess
GetLocaleInfoW
GetTimeZoneInformation
VirtualAlloc
ExitProcess
SetFilePointer
IsValidLocale
LocalHandle
CloseHandle
GetProcessHeap
CreateFileA
EnumDateFormatsA
GetConsoleMode
GetCurrentThreadId
TlsSetValue
WideCharToMultiByte
GetSystemTimeAsFileTime
GetPrivateProfileStructW
FreeLibrary
GetTimeFormatA
SetFileAttributesA
InterlockedExchange
VirtualQuery
SetHandleCount
GetStringTypeW
RemoveDirectoryW
RaiseException
WriteConsoleA
IsBadReadPtr
GetFileType
GetCurrentThread
TlsFree
QueryPerformanceCounter
HeapAlloc
GetStdHandle
GetUserDefaultLCID
InterlockedIncrement
LoadLibraryW
SetUnhandledExceptionFilter
TlsAlloc
GetCommandLineW
HeapReAlloc
IsValidCodePage
SetComputerNameA
DebugBreak
SetConsoleTextAttribute
GetCurrentProcessId
CompareStringW
GetOEMCP
TerminateProcess
GetEnvironmentStringsW
CreateMutexA
OpenMutexA
EnterCriticalSection
CompareStringA
MultiByteToWideChar
InterlockedDecrement
DeleteCriticalSection
GetLastError
LeaveCriticalSection
HeapValidate
GetAtomNameW
HeapDestroy
GetCommandLineA
GetVersionExA
RtlUnwind
GetStringTypeA
ReadFile
GetCPInfo
SetEnvironmentVariableA
SetLastError
WriteFile
FreeEnvironmentStringsA
SetConsoleTitleA
GetProcAddress
GetStartupInfoA
GetDateFormatA
IsDebuggerPresent
InitializeCriticalSection
VirtualFree
OutputDebugStringA
LCMapStringW

Sections

.text
Size: 289KB - Virtual size: 289KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f44933f674170587bbefc02de6db7aea

Headers

File Characteristics

Imports

comctl32

comdlg32

user32

kernel32

Sections

.text Size: 289KB - Virtual size: 289KB

.rdata Size: 46KB - Virtual size: 67KB

.data Size: 149KB - Virtual size: 148KB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 289KB - Virtual size: 289KB

.rdata
Size: 46KB - Virtual size: 67KB

.data
Size: 149KB - Virtual size: 148KB

.rsrc
Size: 15KB - Virtual size: 14KB