ee9c15743fbf5f0293d6e31a2d405597_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ee9c15743fbf5f0293d6e31a2d405597_JaffaCakes118
Size

1.7MB
MD5

ee9c15743fbf5f0293d6e31a2d405597
SHA1

c8d47f805193d0f79dfe1ebd00e778f2c9ca3e69
SHA256

1ee27686d8c6dea25f00682237451d8f372b3ec236c9b3b2ce07500e791f088f
SHA512

911d73fcb40622d383cda42fd8e48c1f309c65ef77eb23c86cd2022b00e49effadfa8169fecedc8af6934c9180b02f05f02be90d245588f2c06860fac61ba237
SSDEEP

24576:NZEOh7ck2Uk/bdkDwiT30tegqI4QKXGStt4+S76KSss7MEot3GHnSo6:NDyBkDJTIEQKXGSttP6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ee9c15743fbf5f0293d6e31a2d405597_JaffaCakes118

Files

ee9c15743fbf5f0293d6e31a2d405597_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4d1ce876fd9867434030826e9c62651d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

GetWindowsDirectoryA
WinExec
lstrlenW
LockResource
WideCharToMultiByte
GetLocaleInfoA
GetFileSize
IsBadWritePtr
InterlockedIncrement
VirtualAlloc
VirtualFree
ReadFile
SetFilePointer
SetEnvironmentVariableA
CreateMutexA
CreateThread
GetExitCodeThread
LocalAlloc
GetShortPathNameA
FormatMessageA
LocalFree
ExpandEnvironmentStringsA
GetCurrentProcess
OpenProcess
WaitForSingleObject
LoadLibraryExA
CreateFileA
GetFileTime
CompareFileTime
GetCurrentDirectoryA
GlobalAddAtomA
SetLastError
MultiByteToWideChar
lstrcmpiA
GetModuleHandleA
GetDiskFreeSpaceA
GetVersionExA
GetProcAddress
CreateProcessA
GetExitCodeProcess
OpenMutexA
CloseHandle
ResumeThread
GetDateFormatA
SetCurrentDirectoryA
MoveFileExA
GetSystemDefaultLangID
GetTempPathA
lstrcmpA
CopyFileA
ExitProcess
LoadLibraryA
CreateDirectoryA
MoveFileA
GetUserDefaultLangID
SetFileAttributesA
DeleteFileA
RemoveDirectoryA
GetModuleFileNameA
GetSystemDirectoryA
GetFileAttributesA
GetVersion
lstrcpynA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
Sleep
InitializeCriticalSection
lstrcatA
lstrlenA
lstrcpyA
FindFirstFileA
FindNextFileA
FindClose
GetLastError
FindResourceA
SizeofResource
LoadResource
GlobalAlloc
GlobalLock
GlobalUnlock
FreeLibrary
GetSystemTime
GetProcessVersion
GetCPInfo
EnumSystemLocalesA
GetDriveTypeA
TlsAlloc
GlobalHandle
IsValidLocale
IsBadCodePtr
GetProfileStringA
GetLocaleInfoW
CompareStringW
CompareStringA
GetUserDefaultLCID
TlsSetValue
GlobalReAlloc
IsBadReadPtr
GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapCreate
InterlockedExchange
RaiseException
GlobalDeleteAtom
GlobalFindAtomA
GlobalGetAtomNameA
GetCurrentThreadId
InterlockedDecrement
DuplicateHandle
WriteFile
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationA
GetFullPathNameA
MulDiv
GlobalFree
FileTimeToSystemTime
FileTimeToLocalFileTime
CreateEventA
SetEvent
SetThreadPriority
SuspendThread
GetCurrentThread
GetPrivateProfileStringA
WritePrivateProfileStringA
TerminateProcess
RtlUnwind
IsValidCodePage
TlsFree
HeapDestroy
HeapFree
LocalReAlloc
TlsGetValue
GlobalFlags
GetStartupInfoA
GetCommandLineA
GetOEMCP
SetErrorMode
FindResourceExA
SetEnvironmentVariableW
GetEnvironmentVariableA
SetStdHandle
HeapAlloc
GetFileType
ExitThread
GetTimeZoneInformation
HeapSize
GetLocalTime
GetACP
HeapReAlloc
SetUnhandledExceptionFilter
LCMapStringA
GetStdHandle
SetHandleCount
LCMapStringW

user32

GetClassInfoA
wsprintfA
GetCapture
RegisterClassA
GetTopWindow
IsWindowVisible
EndDeferWindowPos
BeginDeferWindowPos
GetMenuItemID
DefWindowProcA
AdjustWindowRectEx
SetActiveWindow
DispatchMessageA
PeekMessageA
MapWindowPoints
SendDlgItemMessageA
IsDlgButtonChecked
IsDialogMessageA
IsWindowEnabled
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
LoadBitmapA
GetMenu
GetMenuCheckMarkDimensions
CharUpperA
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
CreateDialogIndirectParamA
GetActiveWindow
DrawFocusRect
WindowFromPoint
GetCursorPos
ValidateRect
TranslateMessage
GetMessageA
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
DestroyMenu
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
PostQuitMessage
ShowOwnedPopups
GetAsyncKeyState
MapDialogRect
IsWindowUnicode
CharNextA
DefDlgProcA
DestroyWindow
ExcludeUpdateRgn
GetMenuItemCount
GetSubMenu
WinHelpA
GetKeyState
GetFocus
IsChild
RedrawWindow
DestroyCursor
LoadStringA
ReleaseCapture
SystemParametersInfoA
SetRect
AdjustWindowRect
GetSystemMetrics
OffsetRect
SetCapture
GetSysColorBrush
GetWindowTextLengthA
EnumChildWindows
CopyRect
GrayStringA
DrawTextA
TabbedTextOutA
SetWindowPos
SetWindowTextA
ShowWindow
CreateWindowExA
GetDlgItem
GetWindowTextA
EndDialog
SetFocus
SetForegroundWindow
UpdateWindow
ExitWindowsEx
GetWindowThreadProcessId
GetForegroundWindow
PostMessageA
GetDesktopWindow
GetWindow
GetClassNameA
GetWindowLongA
MessageBoxA
FindWindowA
DrawIcon
LoadCursorA
CopyIcon
GetWindowRect
GetParent
InflateRect
IsWindow
SetCursor
GetMessagePos
ScreenToClient
PtInRect
InvalidateRect
SetTimer
MessageBeep
SetWindowLongA
KillTimer
BroadcastSystemMessage
LoadIconA
SendMessageA
RegisterWindowMessageA
EnableWindow
MessageBoxExA
GetDC
ReleaseDC
GetSysColor
FillRect
GetClientRect
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetLastActivePopup
IntersectRect
IsIconic
GetWindowPlacement
GetDlgCtrlID
ShowCaret
HideCaret
DeferWindowPos
EqualRect
GetMenuState
UnregisterClassA

gdi32

CreateDIBitmap
GetTextExtentPointA
GetTextFaceA
CreateFontA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetDeviceCaps
GetCurrentObject
GetTextExtentPoint32A
GetStockObject
GetObjectA
CreateFontIndirectA
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
GetClipBox
SetTextColor
SetBkColor
CreateBitmap
SaveDC
RestoreDC
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
MoveToEx
LineTo
DeleteObject
EnumFontFamiliesExA
DPtoLP
CreatePen
GetTextMetricsA
PatBlt
CreateSolidBrush

shell32

SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA
SHChangeNotify
ShellExecuteA
DragQueryFileA
DragFinish

ole32

CreateStreamOnHGlobal
CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

VarBstrFromDate
OleLoadPicture
VariantClear

comctl32

ord17
PropertySheetA

wsock32

htons
connect
WSAStartup
socket
ioctlsocket
closesocket
WSACleanup

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

comdlg32

GetFileTitleA

Sections

.text
Size: 744KB - Virtual size: 741KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 124KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 684KB - Virtual size: 681KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4d1ce876fd9867434030826e9c62651d

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

shell32

ole32

oleaut32

comctl32

wsock32

winspool.drv

comdlg32

Sections

.text Size: 744KB - Virtual size: 741KB

.rdata Size: 104KB - Virtual size: 102KB

.data Size: 124KB - Virtual size: 155KB

.rsrc Size: 684KB - Virtual size: 681KB

.text Size: 64KB - Virtual size: 64KB

.text
Size: 744KB - Virtual size: 741KB

.rdata
Size: 104KB - Virtual size: 102KB

.data
Size: 124KB - Virtual size: 155KB

.rsrc
Size: 684KB - Virtual size: 681KB

.text
Size: 64KB - Virtual size: 64KB