ebe51a8cb29d2ec3b3cfe044a31666a0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ebe51a8cb29d2ec3b3cfe044a31666a0_JaffaCakes118
Size

293KB
MD5

ebe51a8cb29d2ec3b3cfe044a31666a0
SHA1

ffe72bc734aa99397c88cfafaafbebab1b652202
SHA256

69cfa69d944893c99b1b499743743db5a6727f12ff91b6dc901aa1d427c61a4b
SHA512

ec98df00c6dd7071882efdbe7626ae48b11483b9e693196f81b812434f422b5dbc575fb8108874c8b82bf82634e53a4bc8b4116f30aabdd1dd40b35ab0741a32
SSDEEP

6144:IgdFljdlD83hzpOqdP/9IShNhVqvJTryIhIigl3QNkE+e:RFDd8xv1hVA9xlg11E5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ebe51a8cb29d2ec3b3cfe044a31666a0_JaffaCakes118

Files

ebe51a8cb29d2ec3b3cfe044a31666a0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ab5d7a3541434c20cb76ede338d43ecf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
FindNextFileW
SuspendThread
GetFileSize
ResumeThread
GlobalUnlock
GetLocalTime
CreateWaitableTimerW
GlobalAddAtomW
WaitForSingleObject
WaitForMultipleObjects
GlobalDeleteAtom
VirtualAlloc
WritePrivateProfileStringW
FindFirstFileW
GlobalAlloc
FindNextChangeNotification
GetFileAttributesW
CreateEventW
GetCurrentThreadId
GetVersion
ExitProcess
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualFree
VirtualProtect
ReadFile
GlobalFree
FreeResource
GetPrivateProfileStringW
ResetEvent
CancelWaitableTimer
WideCharToMultiByte
SetCurrentDirectoryW
FreeLibrary
SetFilePointer
SetEvent
MoveFileW
InterlockedDecrement
FindFirstChangeNotificationW
FindResourceW
QueryDosDeviceW
GetLogicalDrives
lstrcpyW
GetProcAddress

user32

FillRect
SetCursorPos
SystemParametersInfoW
RegisterClassExW
EndDialog
DrawTextW
LoadBitmapW
LoadStringW
GetSystemMetrics
UpdateWindow
GetWindowDC
PostThreadMessageW
DestroyIcon
ReleaseCapture
RegisterHotKey
RedrawWindow
GetKeyState
SetCursor
SendDlgItemMessageW
EnableWindow
SendMessageW
DestroyMenu
SetWindowTextW
WindowFromPoint
LoadIconW
DialogBoxParamW
DefWindowProcW
LoadImageW
PostQuitMessage
CreatePopupMenu
TrackPopupMenu

gdi32

CreateRoundRectRgn
CreateCompatibleBitmap
SetBkMode
CreateCompatibleDC
GetDeviceCaps
GetObjectW
GetMapMode
StretchBlt
CreateBitmap
SelectObject
SetMapMode
LineTo
CreateDCW
GetClipBox

advapi32

RegDeleteValueW
InitializeSecurityDescriptor
GetUserNameW

shell32

SHChangeNotify

ole32

CoInitializeEx
CreateStreamOnHGlobal
CoUninitialize

oleaut32

OleLoadPicture

Sections

.text
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ab5d7a3541434c20cb76ede338d43ecf

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 256KB - Virtual size: 252KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 28KB - Virtual size: 24KB

.text
Size: 256KB - Virtual size: 252KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 28KB - Virtual size: 24KB