ef270d65c89e2355c340c03c3108684e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ef270d65c89e2355c340c03c3108684e_JaffaCakes118
Size

620KB
MD5

ef270d65c89e2355c340c03c3108684e
SHA1

8e27e56e80dfeab572c9f8bf15f69b7e83dd8333
SHA256

58e7925ab25bc4e1589df8ac3459a615e80284762519d97336c6e02e31ab4b04
SHA512

e6e0b30654baf87c5137114f7fe244d14647beb94dfb89d3b066a655b8e7a9fbe8f44267048eb4f18c4bb61af80b858c24a7ec917e901e9fbadea17c61b8d3cf
SSDEEP

12288:u6DxMqhsFx9gnI6h4gQs5usVOP84In2RKxPp5tdNvWtgT:fnhC9qQs5ussFA2REpWtgT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef270d65c89e2355c340c03c3108684e_JaffaCakes118

Files

ef270d65c89e2355c340c03c3108684e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dc0329ce7ec8d1f222c8509a388c8c8f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

InternalExtractIconListW

gdi32

GetROP2
GetDeviceCaps
CreateDCW
GetMapMode
AddFontResourceA
DeleteDC
GetObjectA

comctl32

ImageList_SetImageCount
ImageList_LoadImageW
ImageList_DragEnter
InitMUILanguage
ImageList_Remove
DestroyPropertySheetPage
InitCommonControlsEx
CreatePropertySheetPageW
CreateToolbar
ImageList_DragLeave
ImageList_Read
ImageList_GetBkColor
ImageList_Destroy

user32

CreateWindowExA
GetClassLongA
DestroyWindow
CreateAcceleratorTableA
DestroyAcceleratorTable
GetMenuContextHelpId
RegisterClassA
DefMDIChildProcA
MessageBoxExA
TrackMouseEvent
DefWindowProcW
AdjustWindowRectEx
EditWndProc
IsMenu
CallMsgFilterA
DdeConnect
PeekMessageW
SetDlgItemTextW
DdeImpersonateClient
GetScrollInfo
CallWindowProcW
SendInput
RegisterClassExA
ShowWindow
GetKeyboardLayoutNameA
GetMenuBarInfo
TrackPopupMenuEx
ReleaseDC
SendIMEMessageExW
DrawStateW
CharToOemBuffW
MapWindowPoints
GetTitleBarInfo
GetWindowInfo
EnumWindows
MonitorFromPoint
MessageBoxA
AnyPopup
SetDebugErrorLevel
IsWindowVisible
DdeClientTransaction
CloseClipboard
CopyRect
AdjustWindowRect
OemToCharW
BeginDeferWindowPos
SetPropW
MessageBoxW
DrawFocusRect
DdeSetUserHandle

kernel32

HeapFree
GetTickCount
GetStartupInfoA
GetPrivateProfileIntA
SetConsoleWindowInfo
LCMapStringA
SetFilePointer
TlsGetValue
GetEnvironmentStrings
DeleteFileW
TlsFree
OpenMutexA
GetCommandLineW
SetEnvironmentVariableA
GetLocalTime
GetStdHandle
InitializeCriticalSection
GetCurrentProcessId
UnhandledExceptionFilter
CompareStringW
LocalLock
GetSystemTime
GetStringTypeW
RtlUnwind
SetHandleCount
VirtualQuery
lstrcpyW
WriteFile
GetSystemTimeAsFileTime
ExitProcess
lstrcat
CloseHandle
GetTimeZoneInformation
SetStdHandle
EnterCriticalSection
WaitNamedPipeW
GetStartupInfoW
TerminateProcess
QueryPerformanceCounter
GetLastError
LCMapStringW
TlsAlloc
SetLastError
CreateMutexA
IsBadWritePtr
FreeEnvironmentStringsW
LoadLibraryA
WriteConsoleInputW
GetCurrentThread
InterlockedDecrement
InterlockedExchange
GetVersion
HeapAlloc
ReadFile
GetFileType
HeapCreate
FindNextFileW
VirtualFree
FlushFileBuffers
WideCharToMultiByte
FreeEnvironmentStringsA
TlsSetValue
GetCurrentThreadId
GetEnvironmentStringsW
MultiByteToWideChar
CompareStringA
DeleteCriticalSection
GetModuleFileNameA
GetSystemDefaultLangID
GetStringTypeA
InterlockedIncrement
SetConsoleScreenBufferSize
GetCurrentProcess
EnumCalendarInfoExW
GetCPInfo
HeapDestroy
GetModuleHandleA
GetModuleFileNameW
FindFirstFileExA
LeaveCriticalSection
GetCommandLineA
VirtualAlloc
GetConsoleMode
HeapReAlloc
GetProcAddress

wininet

DeleteUrlCacheContainerW
FtpPutFileA
InternetDialW
CreateUrlCacheEntryA
FtpSetCurrentDirectoryW
RetrieveUrlCacheEntryFileW
RegisterUrlCacheNotification
InternetLockRequestFile

comdlg32

PrintDlgA
FindTextW
ChooseFontA

Sections

.text
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc0329ce7ec8d1f222c8509a388c8c8f

Headers

File Characteristics

Imports

shell32

gdi32

comctl32

user32

kernel32

wininet

comdlg32

Sections

.text Size: 188KB - Virtual size: 187KB

.rdata Size: 256KB - Virtual size: 255KB

.data Size: 112KB - Virtual size: 118KB

.rsrc Size: 60KB - Virtual size: 57KB

.text
Size: 188KB - Virtual size: 187KB

.rdata
Size: 256KB - Virtual size: 255KB

.data
Size: 112KB - Virtual size: 118KB

.rsrc
Size: 60KB - Virtual size: 57KB