ef9e689622900b14adcc1855032fe8d8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ef9e689622900b14adcc1855032fe8d8_JaffaCakes118
Size

556KB
MD5

ef9e689622900b14adcc1855032fe8d8
SHA1

68add1e0cbc84bbdaabbdab804d2ceb0cb40de76
SHA256

f57ae25545ee1fd532b57b295c4ec3ed20107bef5f1b1042217fdc1919b1949f
SHA512

daec5adb72f5d4680dfadfef574af486a6fc20f17e973f0a23666fbc99c9f2291954ae384af4fd0ae4a2930a073ec00da4099c259f6eff3d0e600d6bc96dcc02
SSDEEP

12288:9o+nickv82UQVQnYKsjVM7hgI67/QFaeFYNzUW9g21uR2:9o+niLvHUQVQnRsjVM7uGYf9gP2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef9e689622900b14adcc1855032fe8d8_JaffaCakes118

Files

ef9e689622900b14adcc1855032fe8d8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b1f3b3bc544d74b90a2c107349670d1c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\EOAO\P

Imports

kernel32

LeaveCriticalSection
GetOEMCP
TlsFree
WaitCommEvent
WaitForSingleObject
TlsAlloc
GetConsoleCursorInfo
RtlUnwind
SetFilePointer
GetModuleFileNameA
IsBadWritePtr
VirtualAlloc
SetStdHandle
FlushFileBuffers
GetVersion
CreateProcessA
HeapCreate
GetSystemTimeAsFileTime
OpenMutexA
CreateDirectoryExW
LCMapStringW
GetLocaleInfoW
InterlockedExchangeAdd
VirtualFree
SetEnvironmentVariableA
SetConsoleActiveScreenBuffer
GetTickCount
CreateNamedPipeA
GlobalDeleteAtom
lstrlenW
GetLocalTime
GetCPInfo
EnumResourceNamesW
TerminateProcess
lstrcmpiW
HeapDestroy
SetConsoleOutputCP
GlobalFindAtomW
GetSystemTimeAdjustment
GetNamedPipeHandleStateW
GetEnvironmentStringsW
ReadFile
InitializeCriticalSection
SetHandleCount
SetLastError
HeapReAlloc
GetACP
FindResourceExW
InterlockedDecrement
LCMapStringA
FreeEnvironmentStringsW
Sleep
SetConsoleCursorPosition
DeleteCriticalSection
InterlockedIncrement
TlsSetValue
LoadLibraryA
OpenFile
GlobalAddAtomA
VirtualFreeEx
GetSystemDirectoryW
GetConsoleCP
HeapAlloc
WideCharToMultiByte
EnterCriticalSection
OpenFileMappingA
FillConsoleOutputCharacterW
GetCurrentProcess
ExitProcess
CompareStringA
GetWindowsDirectoryA
CreateProcessW
GetStdHandle
VirtualQuery
GetStartupInfoA
FreeEnvironmentStringsA
GetPriorityClass
GetCurrentProcessId
CompareStringW
GetProcAddress
GetTimeZoneInformation
GetLastError
GetEnvironmentStrings
GetNumberFormatW
UnhandledExceptionFilter
CloseHandle
GetCurrentThreadId
InterlockedExchange
GetComputerNameA
TlsGetValue
CreateMutexA
GetSystemTime
GetStringTypeW
GetModuleHandleA
GetAtomNameW
GetCommandLineA
GlobalLock
GetFileType
QueryPerformanceCounter
WriteFile
GetStringTypeA
MultiByteToWideChar
HeapFree
GetCurrentThread

comctl32

ImageList_Draw
ImageList_SetOverlayImage
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_SetIconSize
ImageList_Duplicate
ImageList_Write
ImageList_SetFilter
_TrackMouseEvent
ImageList_Add
ImageList_AddIcon
DrawStatusTextA
ImageList_EndDrag
ImageList_GetBkColor
InitCommonControlsEx
ImageList_Replace
ImageList_Read
CreateMappedBitmap
CreateToolbar
ImageList_GetImageRect
ImageList_DragMove

user32

AdjustWindowRect
GetWindowInfo
CopyAcceleratorTableW
SystemParametersInfoA
DestroyWindow
DrawTextExA
ModifyMenuA
MessageBoxA
DispatchMessageA
FreeDDElParam
GetClipboardViewer
DefWindowProcA
MapVirtualKeyA
ShowWindow
CreateDialogParamA
SetDebugErrorLevel
CreateMDIWindowW
EnumClipboardFormats
CountClipboardFormats
CreateIconIndirect
RegisterClassExA
MoveWindow
RegisterClassA
GetUserObjectSecurity
GetMenuCheckMarkDimensions
CreateWindowExA
ExcludeUpdateRgn
IsIconic
EnumWindowStationsA
CloseWindow

comdlg32

PrintDlgA
GetFileTitleA
ReplaceTextA
GetFileTitleW

shell32

SheSetCurDrive
FreeIconList
DragQueryPoint
FindExecutableW

Sections

.text
Size: 184KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 240KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b1f3b3bc544d74b90a2c107349670d1c

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

user32

comdlg32

shell32

Sections

.text Size: 184KB - Virtual size: 181KB

.rdata Size: 240KB - Virtual size: 239KB

.data Size: 116KB - Virtual size: 120KB

.rsrc Size: 12KB - Virtual size: 9KB

.text
Size: 184KB - Virtual size: 181KB

.rdata
Size: 240KB - Virtual size: 239KB

.data
Size: 116KB - Virtual size: 120KB

.rsrc
Size: 12KB - Virtual size: 9KB