eeeda379b03bb365d19f7c04fd4ce351_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eeeda379b03bb365d19f7c04fd4ce351_JaffaCakes118
Size

568KB
MD5

eeeda379b03bb365d19f7c04fd4ce351
SHA1

f03945a25aa915f720c84be3fdb7e1e12785feef
SHA256

3e9b9bd21596474417d029a1f5f12639d59e9bab794ab3feb21db206a45cbb99
SHA512

e9e3d26e7dafdd50de42f384a9718dc863e75788e4c57386e5eb8404759035295e85a774b380094695caa02b12dff3e1abd657ac41bb0aca546427e013832130
SSDEEP

6144:7TH3cbEVEqlOgaEPjdjTOgKudj7PtZjSM/j7T76TuwSNZ6cq16OnaD7:7TH3cwOqlOgaEPxjSgKufZj7+g4nm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eeeda379b03bb365d19f7c04fd4ce351_JaffaCakes118

Files

eeeda379b03bb365d19f7c04fd4ce351_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ea7db3e981859986f35d9bc2d8439e9c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\SZWTRYRQBE\SBEM\OFEORR\TLFTT.PDB

Imports

gdi32

SetBitmapBits
GetPath
CreateEllipticRgn
SetArcDirection
DeleteObject
GetDeviceCaps
CopyMetaFileA
GetBkMode
SelectClipRgn
CreateDCA
FlattenPath
CreateICA
PolylineTo
SelectObject
SetWindowOrgEx
PtVisible
GetObjectA
EndPage
StartPage
EqualRgn
TextOutA
SetBoundsRect
CreateFontIndirectA
RealizePalette
SetRectRgn
LineTo
PtInRegion
OffsetClipRgn
SetPixel
DeleteDC
CreateBitmapIndirect
EndDoc
CreateDIBitmap

shell32

SHGetDesktopFolder
ExtractIconA
SHGetPathFromIDListA
ShellExecuteExA
SHBrowseForFolderA
DragQueryFileA

user32

IsRectEmpty
MoveWindow
GetClipboardData
KillTimer
GetCursorPos
IsWindow
EndPaint
MapDialogRect
LoadMenuA
EnableWindow
OpenClipboard
DestroyMenu
EmptyClipboard
GetSysColor
RegisterClassExA
CharUpperA
GetSystemMenu
ScreenToClient
ReleaseCapture
CallNextHookEx
DrawIcon
ClientToScreen
GetScrollInfo
CheckMenuItem
SetCapture
SetWindowTextA
DefWindowProcA
AppendMenuA
GetPropA
GetMenuItemCount
GetKeyState
SetPropA
ReleaseDC
TabbedTextOutA
GetSystemMetrics
GetFocus
GetParent
PostQuitMessage
PostMessageA
GetWindowTextA
SetWindowContextHelpId
DestroyCursor
CreateWindowExA
GetForegroundWindow
LoadAcceleratorsA
LoadBitmapA
GetWindow
DeleteMenu
GetClassLongA
BeginPaint
MessageBoxA
UnionRect
MsgWaitForMultipleObjects
SetScrollPos
EnableMenuItem
SetClipboardData
EnumWindows
DestroyIcon
ShowWindow
SetDlgItemTextA
CreateCaret
DispatchMessageA
RemovePropA
RegisterClassA
SetRectEmpty
GetIconInfo
GetScrollPos
wsprintfA
LoadStringA
FillRect
IsWindowVisible
LoadCursorA
GetActiveWindow
GetDC
GetMenuCheckMarkDimensions
DestroyWindow
LoadIconA
GetWindowRect
IsDialogMessageA
InflateRect
DestroyAcceleratorTable
GetDesktopWindow
ReuseDDElParam
CreateAcceleratorTableA
SendMessageA

kernel32

SetHandleCount
CompareStringA
DeleteCriticalSection
HeapAlloc
UnhandledExceptionFilter
GetCurrentThreadId
GetStringTypeA
HeapSize
FreeEnvironmentStringsW
IsBadCodePtr
GetVersionExA
FreeEnvironmentStringsA
SetUnhandledExceptionFilter
HeapCreate
HeapReAlloc
QueryPerformanceCounter
InterlockedExchange
TerminateProcess
GetTickCount
GetLocaleInfoA
FlushFileBuffers
WriteFile
LoadLibraryA
GetEnvironmentStrings
TlsSetValue
InitializeCriticalSection
GetCurrentProcessId
WideCharToMultiByte
GetACP
GetModuleHandleA
TlsAlloc
GetModuleFileNameA
VirtualAlloc
GetFileType
GetProcAddress
SetEnvironmentVariableA
GetDateFormatA
RaiseException
GetStdHandle
LCMapStringA
GetSystemTimeAsFileTime
SetStdHandle
LCMapStringW
RtlUnwind
GetCommandLineA
GetLastError
VirtualFree
GetStringTypeW
EnterCriticalSection
HeapDestroy
CloseHandle
GetCPInfo
CompareStringW
VirtualProtect
MultiByteToWideChar
CreateMutexA
GetEnvironmentStringsW
GetCurrentProcess
SetFilePointer
TlsGetValue
GetTimeZoneInformation
HeapFree
GetStartupInfoA
VirtualQuery
ReadFile
GetOEMCP
ExitProcess
SetLastError
LeaveCriticalSection
GetSystemInfo
TlsFree
GetTimeFormatA

advapi32

OpenProcessToken
RegQueryValueA
RegCloseKey
RegEnumKeyExA
RegEnumKeyA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea7db3e981859986f35d9bc2d8439e9c

Headers

File Characteristics

PDB Paths

Imports

gdi32

shell32

user32

kernel32

advapi32

Sections

.text Size: 96KB - Virtual size: 94KB

.rdata Size: 260KB - Virtual size: 256KB

.data Size: 76KB - Virtual size: 78KB

.rsrc Size: 132KB - Virtual size: 130KB

.text
Size: 96KB - Virtual size: 94KB

.rdata
Size: 260KB - Virtual size: 256KB

.data
Size: 76KB - Virtual size: 78KB

.rsrc
Size: 132KB - Virtual size: 130KB