ee5f38d898e0f203d5254ff4afdb603d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ee5f38d898e0f203d5254ff4afdb603d_JaffaCakes118
Size

1.9MB
MD5

ee5f38d898e0f203d5254ff4afdb603d
SHA1

6a727181a69a34cb89b287c1547430f26751c60a
SHA256

aa15d8286e696979b54a04b0498ed3ca9c5ffad2fc8c4286d17d2f244e6eccba
SHA512

4d21267e4f5304d71e1674f54f9ad19032405b68f3bba68d670f4dba13be4f983b8431acdc351294e4e6ec18691ee8002ed1bc63d89d47eb5d13d2074c393851
SSDEEP

49152:tLFaExeWMLFd2yIO/05OvPsvylyJW58cnnZURRuEuAqP+ysFlzQ7:pcEx9i2yIw1vP5yYvkuEu9P+VTz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
ee5f38d898e0f203d5254ff4afdb603d_JaffaCakes118

Files

ee5f38d898e0f203d5254ff4afdb603d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3aca81acd35bdcb72a67b49870f77db3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameW
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
CloseHandle
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
GetModuleHandleA
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
GetCurrentProcessId
GetModuleHandleW
HeapAlloc
GetCPInfo
LCMapStringW
LCMapStringA
GetStartupInfoW
HeapFree
GetLastError
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlUnwind
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
Sleep
MultiByteToWideChar
InterlockedExchange
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
GetSystemTimeAsFileTime
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
HeapSize
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
InitializeCriticalSectionAndSpinCount
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
FlushFileBuffers
CreateFileA
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
GetProcessHeap
ReadFile
GlobalAlloc
lstrlenW
GetVersionExA
WriteConsoleOutputAttribute
SetEnvironmentVariableA
GetCPInfoExA
LoadLibraryA
GetProcAddress
VirtualProtect
TlsGetValue

user32

IntersectRect
CreateIconIndirect
DialogBoxIndirectParamW
IsMenu
RegisterWindowMessageW
DeferWindowPos
GetListBoxInfo
GetMonitorInfoA
TrackMouseEvent
DlgDirListW
MenuItemFromPoint
GetMenuItemInfoA
EnumChildWindows
SetWindowTextA
DdeQueryNextServer
SetCursorPos
PeekMessageW
CharPrevW
DestroyMenu
DdeQueryStringW
PostThreadMessageA
WinHelpA
ChangeMenuW
DialogBoxIndirectParamA
SetMenuItemInfoW
GetWindowTextLengthA
IsDialogMessageA
GrayStringA
SetDebugErrorLevel
DlgDirSelectComboBoxExW
CharLowerBuffA
LoadIconA
GetDlgItemInt
FlashWindow
UnregisterDeviceNotification
SetRectEmpty
WindowFromDC
GetScrollPos
GetUserObjectInformationA
LoadCursorFromFileW
DestroyCaret
UserHandleGrantAccess
DdeConnect
EnumThreadWindows
ExitWindowsEx
SetWindowLongA
GetKeyNameTextW
DlgDirSelectExA
LoadKeyboardLayoutA
DdeGetLastError
GetClassNameA
SetPropW
GetMenuItemInfoW
WinHelpW
AnimateWindow
LoadMenuIndirectW
PostQuitMessage
GetClassWord
ToAscii
GetDlgItemTextW
OemKeyScan
SendMessageTimeoutW
GetClassLongA
InsertMenuW
SetClipboardViewer
DrawFocusRect
GetWindowInfo
TrackPopupMenuEx
DefDlgProcA
SendNotifyMessageA
GetKBCodePage
RealGetWindowClassA
ChangeDisplaySettingsA
ReleaseDC
GetWindowTextA
SwitchDesktop
InsertMenuA
CreateWindowExW
LoadMenuW
SetCursor
DrawAnimatedRects
SetWindowRgn
SendMessageA
GetOpenClipboardWindow
GetClassInfoExA
GetParent
CreateAcceleratorTableW
mouse_event
AppendMenuA
DdeNameService
GetCursor
SetPropA
AppendMenuW
TranslateAcceleratorA
TranslateMDISysAccel
MapVirtualKeyW
DrawStateA
SetKeyboardState
DrawIcon
EndDeferWindowPos
GetDlgCtrlID
GetCapture
GetMenuCheckMarkDimensions
GetAltTabInfoA
LoadCursorA
BroadcastSystemMessageA
SetSysColors
EnumWindowStationsA
IsCharAlphaNumericW
OpenDesktopA
DdeEnableCallback

advapi32

RegQueryValueExW
GetLengthSid
GetSidLengthRequired
EnumServicesStatusA
RegQueryMultipleValuesA
RegRestoreKeyW
GetPrivateObjectSecurity
RegQueryInfoKeyW
AddAccessAllowedAceEx
RegSetValueA
GetSecurityDescriptorGroup
PrivilegedServiceAuditAlarmA
AddAccessAllowedAce
CreatePrivateObjectSecurityEx
LookupAccountSidW
InitiateSystemShutdownA
GetServiceDisplayNameA
InitializeSecurityDescriptor
AbortSystemShutdownW
PrivilegedServiceAuditAlarmW
ConvertToAutoInheritPrivateObjectSecurity
MakeSelfRelativeSD
DeleteAce
SetThreadToken
UnlockServiceDatabase
GetKernelObjectSecurity
AddAccessDeniedAceEx
AccessCheckAndAuditAlarmW
ObjectOpenAuditAlarmW
RegCreateKeyW
AllocateLocallyUniqueId
AddAuditAccessObjectAce
RegDeleteValueA
OpenServiceW
ObjectOpenAuditAlarmA
ImpersonateLoggedOnUser
LockServiceDatabase
AccessCheckByTypeAndAuditAlarmA
SetSecurityDescriptorGroup
RegOpenKeyA
RegQueryValueExA

msimg32

TransparentBlt

Sections

.text
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.7MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3aca81acd35bdcb72a67b49870f77db3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

msimg32

Sections

.text Size: 137KB - Virtual size: 137KB

.rdata Size: 27KB - Virtual size: 27KB

.data Size: 1.7MB - Virtual size: 2.2MB

.rsrc Size: 27KB - Virtual size: 26KB

.reloc Size: 15KB - Virtual size: 15KB

.text
Size: 137KB - Virtual size: 137KB

.rdata
Size: 27KB - Virtual size: 27KB

.data
Size: 1.7MB - Virtual size: 2.2MB

.rsrc
Size: 27KB - Virtual size: 26KB

.reloc
Size: 15KB - Virtual size: 15KB