ecb9f8b1239deec1143294720838257a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ecb9f8b1239deec1143294720838257a_JaffaCakes118
Size

31KB
MD5

ecb9f8b1239deec1143294720838257a
SHA1

0a5001045461556f74db8b4448f09f3f2300857f
SHA256

2f241fde5bad63d65996b8bb219ec1894808e6e69ed15d9d99278f4924074a65
SHA512

43c63ada9a277f2c26388001643b4880856a96d2184b7ea943941d510cce02e65f71a1ab0104416fcfc7bb7fe3a2b0edc61914cfa4d55ec568afde5e2ece1b39
SSDEEP

384:kdBEBaqgfhzlJPLjivWsQiZ23O88AjLeY4g+pdfdo0qocz5XoecZAOZW9:kdAaZlbLjieSZ23O88ELypUoyFoecY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ecb9f8b1239deec1143294720838257a_JaffaCakes118

Files

ecb9f8b1239deec1143294720838257a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d8bf9c39a5d877b51cfc9a138eda750f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MoveWindow
LoadIconA
LoadCursorA
KillTimer
IsWindow
IsClipboardFormatAvailable
GetWindowRect
GetMessageA
GetClipboardData
GetClientRect
OpenClipboard
FindWindowExA
FindWindowA
CloseClipboard
CreateWindowExA
DefWindowProcA
DestroyWindow
wsprintfA
DispatchMessageA
SendMessageTimeoutA
SetForegroundWindow
PostMessageA
PostQuitMessage
RegisterWindowMessageA
RegisterClassExA
SetTimer
EnumChildWindows
EmptyClipboard
SetWindowPos
SetWindowTextA
ShowWindow
TranslateMessage
UpdateWindow
GetClassNameA

kernel32

lstrlenA
lstrcpynA
lstrcpyA
lstrcmpiA
lstrcmpA
lstrcatA
WriteProcessMemory
WriteFile
WideCharToMultiByte
VirtualFree
TerminateProcess
Sleep
SetFilePointer
SetFileAttributesA
SetEndOfFile
ReadProcessMemory
ReadFile
Process32Next
Process32First
OpenProcess
CloseHandle
CopyFileA
CreateFileA
CreateProcessA
CreateToolhelp32Snapshot
DeleteFileA
ExitProcess
GetCommandLineA
GetCurrentProcess
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetTempPathA
GetTickCount
GetVersionExA
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
LoadLibraryA
LocalAlloc
LocalFree
MultiByteToWideChar

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey

wininet

InternetReadFile
InternetQueryDataAvailable
InternetOpenUrlA
InternetOpenA
InternetGetConnectedState
InternetConnectA
InternetCloseHandle
HttpOpenRequestA
FindNextUrlCacheEntryA
FindFirstUrlCacheEntryA
DeleteUrlCacheEntryA
HttpSendRequestA

gdi32

DeleteObject

ole32

CoCreateInstance
OleUninitialize
OleInitialize

oleaut32

SysAllocString
VariantInit
SysFreeString

psapi

EnumProcessModules
GetModuleFileNameExA
GetModuleBaseNameA

oleacc

ObjectFromLresult

gdiplus

GdipDisposeImage
GdipSaveImageToFile
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d8bf9c39a5d877b51cfc9a138eda750f

Headers

File Characteristics

Imports

user32

kernel32

advapi32

wininet

gdi32

ole32

oleaut32

psapi

oleacc

gdiplus

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 6KB - Virtual size: 123KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 6KB - Virtual size: 123KB