eee0da2a7471ab16449f25d5bd1995a9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

eee0da2a7471ab16449f25d5bd1995a9_JaffaCakes118
Size

332KB
MD5

eee0da2a7471ab16449f25d5bd1995a9
SHA1

857d5f4f4783318abdc338b13ce90d9c8709563a
SHA256

b732658f0fc172c08a0d92761f66758443a9949cd14188520d9dd84d4bce9662
SHA512

4a2ae570c25927737ec90f600f0ce886b8ce5a50bea665005702f79e92213f39ad6f9152313304caf278d8b3858bcc46a86e3509c61f96c5bb727e0757eeb9f8
SSDEEP

6144:jWeL/qTglHCnk7WHIoCG6S36YcRsQV6y8n:l1infl36dKQVm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eee0da2a7471ab16449f25d5bd1995a9_JaffaCakes118

Files

eee0da2a7471ab16449f25d5bd1995a9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1ba9a1d2fce2565afeda28d361c694de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
HeapSize
SetStdHandle
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
GetCPInfo
GetLocaleInfoA
SetFilePointer
InitializeCriticalSection
InterlockedExchange
RtlUnwind
LoadLibraryA
RaiseException
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
GetCurrentProcess
TerminateProcess
TlsGetValue
TlsSetValue
TlsFree
CompareStringW
SetLastError
TlsAlloc
LCMapStringW
GetLastError
MultiByteToWideChar
LCMapStringA
VirtualQuery
GetSystemInfo
VirtualProtect
HeapReAlloc
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
VirtualFree
HeapCreate
HeapDestroy
WideCharToMultiByte
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetProcAddress
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
ExitProcess
SetEnvironmentVariableA
FlushFileBuffers
MoveFileA
CreateThread
TerminateThread
GlobalLock
GlobalUnlock
GetFileTime
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindFirstFileA
DeleteFileA
FindNextFileA
FindClose
GetVolumeInformationA
GetVersionExA
GetFileSize
ReadFile
CreateFileA
WriteFile
CloseHandle
GlobalAlloc
SetCurrentDirectoryA
FindResourceA
LoadResource
SizeofResource
LockResource
FreeResource
lstrcpynA
Sleep
GetDateFormatA
GetTimeFormatA
GetTimeZoneInformation
GetModuleFileNameA

user32

LoadAcceleratorsA
GetMessageA
LoadStringA
TranslateMessage
DispatchMessageA
GetDC
ReleaseDC
LoadIconA
TranslateAcceleratorA
SetTimer
MessageBoxA
SetDlgItemTextA
SendDlgItemMessageA
GetWindowRect
SetWindowPos
InsertMenuItemA
CreateWindowExA
ShowWindow
CharLowerA
EndPaint
OffsetRect
GetClientRect
InflateRect
GetSystemMetrics
BeginPaint
GetUpdateRect
SetLayeredWindowAttributes
SetWindowLongA
GetWindowLongA
RedrawWindow
GetWindowDC
SetWindowTextA
CreatePopupMenu
GetMenuItemCount
DestroyMenu
LoadCursorA
RegisterClassExA
PostQuitMessage
DefWindowProcA
GetMenuItemID
CheckMenuItem
FindWindowA
IsWindow
DialogBoxParamA
SystemParametersInfoA
ReleaseCapture
SetCapture
GetScrollInfo
GetDlgCtrlID
GetDlgItemInt
SetForegroundWindow
TrackPopupMenu
PostMessageA
EndDialog
SetFocus
SetScrollInfo
GetCursorPos
GetMenuItemRect
FrameRect
LoadBitmapA
CopyRect
MessageBeep
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
KillTimer
SendMessageA
GetWindowPlacement
PtInRect
InvalidateRect
UpdateWindow
FillRect
DestroyWindow
DrawTextA
GetDlgItem
EnableWindow

gdi32

EndPage
StartPage
CreatePen
Polygon
CreateDIBitmap
SetTextAlign
TextOutA
GetTextMetricsA
GetTextExtentPoint32A
CreateSolidBrush
GetObjectA
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteDC
CreateFontA
SelectObject
DeleteObject
Rectangle
SetTextColor
GetCurrentObject
SetStretchBltMode
EndDoc
GetDeviceCaps
StretchBlt
SetBkMode
StartDocA

comdlg32

PrintDlgA
GetOpenFileNameA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegDeleteValueA
RegSetValueExA

shell32

SHGetFolderPathA
ShellExecuteA
Shell_NotifyIconA

ole32

CreateStreamOnHGlobal

ws2_32

htons
gethostbyname
closesocket
recv
send
setsockopt
connect
htonl
socket
WSAStartup
WSACleanup

gdiplus

GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStream
GdipFree
GdipAlloc
GdipCloneImage
GdipDisposeImage
GdiplusStartup
GdipCreateBitmapFromStreamICM
GdiplusShutdown

winmm

PlaySoundA

comctl32

InitCommonControlsEx

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 597KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ba9a1d2fce2565afeda28d361c694de

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

ws2_32

gdiplus

winmm

comctl32

Sections

.text Size: 99KB - Virtual size: 99KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 22KB - Virtual size: 597KB

.rsrc Size: 181KB - Virtual size: 180KB

.text
Size: 99KB - Virtual size: 99KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 22KB - Virtual size: 597KB

.rsrc
Size: 181KB - Virtual size: 180KB