Static task: static1
Behavioral task: behavioral1
  Sample: ec11cd5d2a1c078fa3865b66be4637e7_JaffaCakes118.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: ec11cd5d2a1c078fa3865b66be4637e7_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: ec11cd5d2a1c078fa3865b66be4637e7_JaffaCakes118
Size: 125KB
MD5: ec11cd5d2a1c078fa3865b66be4637e7
SHA1: 9dc8c1dffab37da87b599a3445ec02fe5aab7bdc
SHA256: 8aae4490f142c1267e2a201938153f7b8a025181776b1566d46f0d10ab99f3be
SHA512: 9992a402b15af5173fe45e9da7ad1fb2c0494c04c8373387040296d29cbb0844901055c3fb6aae541281590f5a4dc88b1d6b4a7e0b13e9911d451e3d00aa818c
SSDEEP: 3072:0UAWsUxR1LYvzgmtlPY1Fu/3AXuQgP3PAmp0Pz9tK:0U1R10vzVTWqPfATB
Malware Config
Signatures
Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  resource: ec11cd5d2a1c078fa3865b66be4637e7_JaffaCakes118
Files
ec11cd5d2a1c078fa3865b66be4637e7_JaffaCakes118.exe windows:5 windows x86 arch:x86
a678efbc9c5f6580e12cd3b7aee50b89
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
Imports
user32: GetCursorPos, IsDlgButtonChecked, SetDlgItemInt, GetWindowTextW, ShowOwnedPopups, GetWindowTextLengthW, GetPropW, SetWindowPlacement, EnableMenuItem, DestroyWindow, SetTimer, SetActiveWindow, GetMenuStringW, MapWindowPoints, DrawTextW
ws2_32: WSAGetLastError
kernel32: WideCharToMultiByte, GlobalUnlock, FindResourceW, UnlockFile, FindClose, GlobalFree, GetProcessHeap, MoveFileW, DeleteFileW, GlobalReAlloc, GetCurrentProcess, GetFileAttributesW, ReadFile, GetLastError, CopyFileW, SizeofResource, CreateEventW, HeapAlloc, HeapReAlloc, FindNextFileW, FormatMessageW, GetFileSize, LockResource, GlobalLock, Sleep, LockFile, WriteFile, GetVersionExW, GetModuleFileNameW, WaitForSingleObject, DuplicateHandle, LoadLibraryA, ResetEvent, GetFileAttributesA, GetFullPathNameW, LocalAlloc, GetSystemInfo, SetFilePointer, CreateFileW, GetUserDefaultLCID, CloseHandle, lstrlenW, GetCurrentProcessId, lstrcpyA, lstrcmpiW, FindFirstFileW, GetThreadLocale, GlobalAlloc, TlsGetValue, GlobalSize, VirtualAlloc, GetShortPathNameW, LeaveCriticalSection, SetLastError, GetVolumeInformationW, lstrlenA, LoadResource, GetStringTypeExW, FlushFileBuffers, MulDiv, TerminateProcess, SetEndOfFile, EnterCriticalSection
shlwapi: PathStripToRootW, PathFindFileNameW, PathIsUNCW, PathFindExtensionW, PathRemoveExtensionW
comdlg32: GetFileTitleW
version: GetFileVersionInfoA, GetFileVersionInfoSizeA, VerQueryValueA
comctl32: GetEffectiveClientRect
oleacc: LresultFromObject, CreateStdAccessibleObject, AccessibleObjectFromWindow
Sections
.data (Size: 8KB, Virtual size: 240KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.text (Size: 512B, Virtual size: 484B): IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rsrc (Size: 111KB, Virtual size: 111KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.rdata (Size: 4KB, Virtual size: 3KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE