efcca1a9604cb36980689160c9738a08_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

efcca1a9604cb36980689160c9738a08_JaffaCakes118
Size

396KB
MD5

efcca1a9604cb36980689160c9738a08
SHA1

c704b03aeb2be5e87d1b44708e2a98e9f507c745
SHA256

0b458f6ea79e36547a983d3a6fea1028ee0dfc1c4a32f27abe0b50b6915631c3
SHA512

bd33c9c164ee1762ce0cf225e0463b5f3df5b4dbd9524131f713d137445e6f00e40b092580abfe3da87569e83b484f58c6ae6932c991b2cd5bc37f9e9ac5135b
SSDEEP

3072:8OcD4nxeUkjAgLt0aLvm+eNYu5v4hgEXMB0TEBG3NwazZ9wLN5322Ly14PVNXPlJ:8rDDppZeNRhEcBZcOazLwS14rXVO2r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efcca1a9604cb36980689160c9738a08_JaffaCakes118

Files

efcca1a9604cb36980689160c9738a08_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3617128790c26e59f585e7d070e34017

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesExA
VerifyVersionInfoA
HeapCreate
GetSystemWindowsDirectoryA
GetProcessHandleCount
SetThreadExecutionState
GetCurrentThreadId
OpenWaitableTimerA
GetProfileSectionA
SetTapePosition
GetSystemDirectoryA
ReadConsoleOutputAttribute
_lwrite
VirtualAlloc
GlobalSize
GetExitCodeProcess
SetMessageWaitingIndicator
HeapWalk
GlobalHandle
GetSystemRegistryQuota
HeapSize
FindFirstVolumeA
ChangeTimerQueueTimer
GetConsoleCharType
UnregisterConsoleIME
GetAtomNameA
GetConsoleAliasExesA
IsProcessorFeaturePresent
IsDebuggerPresent
GetProcessAffinityMask
SetThreadPriorityBoost
MoveFileWithProgressA
GetConsoleWindow
WritePrivateProfileStructA
WriteConsoleA
FlushConsoleInputBuffer
SetSystemTimeAdjustment
ClearCommBreak
WaitForMultipleObjects
SetConsoleActiveScreenBuffer
SetEndOfFile
LockFile
GetPrivateProfileStructA
GetModuleFileNameA
AllocConsole
SetTimerQueueTimer
LZOpenFileA
GetFileAttributesA
GetProcessIoCounters
GetDriveTypeA
SetThreadContext
PostQueuedCompletionStatus
WritePrivateProfileStringA
SizeofResource
GetConsoleCommandHistoryLengthW
CreateMutexA
GetConsoleInputExeNameA
GetComputerNameA
GetTickCount
lstrcmpiA
Heap32ListNext
AddAtomA
DuplicateConsoleHandle
ReadConsoleInputA
WriteConsoleOutputCharacterA
DebugBreak
GetSystemTime
ResetEvent
FindResourceExW
_lclose
IsProcessorFeaturePresent
ResumeThread
WriteConsoleInputA
GetDefaultCommConfigA
ReadConsoleOutputCharacterA
GetSystemTime
OpenFileMappingA
CloseHandle
FlushFileBuffers
GetProfileStringA
IsBadReadPtr
GetEnvironmentStringsA
IsBadReadPtr
GetThreadContext
ConnectNamedPipe
SetCommConfig
PulseEvent
SetFileAttributesA
SetCommState
ReadConsoleA
GetVersionExA
SetPriorityClass
CreateSemaphoreA
PeekConsoleInputA
WriteFile
GetWriteWatch
Toolhelp32ReadProcessMemory
WriteConsoleOutputCharacterA
ReadConsoleOutputCharacterA
SystemTimeToFileTime
GetLocaleInfoA
GetConsoleMode
ReplaceFileA
GetCPInfoExA
SetConsolePalette
WriteConsoleOutputAttribute
CallNamedPipeA
ChangeTimerQueueTimer
OpenJobObjectA
GetVolumeInformationA
CreateDirectoryExA
RequestDeviceWakeup
GetVersion
LocalHandle
GetTempPathA
GetFileInformationByHandle
MoveFileExA
GetCommTimeouts
GetCurrencyFormatA
DeleteAtom
FlushViewOfFile
GetDefaultCommConfigA
Process32First
GlobalAddAtomA
RaiseException
WriteConsoleInputA
AddAtomA
SetFilePointer
LockResource
GetPrivateProfileStringA
OpenWaitableTimerA
GetVolumePathNameA
ShowConsoleCursor
FlushViewOfFile
HeapFree
GetVersionExA
SetLocaleInfoA
IsValidLocale
GetEnvironmentVariableA
UnregisterWaitEx
GetConsoleCommandHistoryLengthA
GlobalFix
GetDiskFreeSpaceA
EnumSystemCodePagesA
IsBadCodePtr
GetConsoleAliasExesLengthA
WritePrivateProfileSectionA
GetFileSizeEx
FileTimeToSystemTime
GetTickCount
SetFilePointerEx
lstrlenA
MapViewOfFileEx
GetFileInformationByHandle
GetLongPathNameA
GetWindowsDirectoryA
Module32First
SetCommConfig
GetThreadPriority
GetUserDefaultUILanguage
GetCurrentProcessId
GlobalUnfix
LockResource
GetDefaultCommConfigA
SetConsoleNumberOfCommandsA
GetSystemTimes
SearchPathA
GetEnvironmentStringsA
GetThreadSelectorEntry
MoveFileExA
DeleteFileA
GetFileType
GetVersionExA
WriteProfileSectionA
GetVolumePathNamesForVolumeNameA
LockResource
ReplaceFile
GetCurrentThread
DeleteFileA

user32

CreateDialogParamA
GetProcessDefaultLayout
EnumDisplayMonitors
IsCharUpperA
DisableProcessWindowsGhosting
GetPropA
CreateDialogParamA
GetUpdateRgn
TranslateAccelerator
GetWindowTextA
DrawTextExA
EnumDisplayMonitors
LoadMenuIndirectA
ChangeDisplaySettingsA
DlgDirListComboBoxA
SendDlgItemMessageA
MenuWindowProcA
GetCursorFrameInfo
RegisterDeviceNotificationA
MapVirtualKeyExA
GetMouseMovePointsEx
PostThreadMessageA
GetSysColorBrush
CreateMDIWindowA
EndTask
GetKeyboardLayoutList
UpdatePerUserSystemParameters
GetMonitorInfoA
LoadImageA
LoadMenuIndirectA
InsertMenuItemA
SetWinEventHook
DrawAnimatedRects
IsChild
GetClassInfoExA
GetOpenClipboardWindow
GetDialogBaseUnits
SetCaretBlinkTime
AdjustWindowRectEx
IsWindowInDestroy
SetMenuItemInfoA
IsGUIThread
OpenWindowStationA
GetUpdateRgn
PostThreadMessageA
GetSystemMetrics
TabbedTextOutA
DialogBoxParamA
GetMenuCheckMarkDimensions
GetCaretBlinkTime
CreateWindowStationA
ToUnicode
EnumDisplayDevicesA
SetWindowsHookExA
GetWindowDC
GetMenuContextHelpId
EnumDisplayMonitors
CreateIcon
GetWindowInfo
GetWindowTextLengthA
SendIMEMessageExA
BroadcastSystemMessageExW
LoadBitmapA
CreateCaret
UnregisterDeviceNotification
DefDlgProcA
CreateCaret
GetClassInfoExA
IsDlgButtonChecked
GetWindowDC
SetShellWindowEx
BroadcastSystemMessageExW
GetAsyncKeyState
AnimateWindow
ChildWindowFromPointEx
LoadImageA
MessageBeep
GetWindowModuleFileNameA
CalcMenuBar
PrivateExtractIconExA
GetMenuStringA
CloseDesktop
DeferWindowPos
TileChildWindows
EnumWindows
BroadcastSystemMessageA
GetGuiResources
NotifyWinEvent
DispatchMessageA

ws2_32

closesocket

Exports

Exports

CreatePhcmslnqcm
EndXfunubnrp
CreateUlddqviv
Rcatqngdf
OpenUinisxq
CloseBfrjloxn

Sections

.itext
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 52KB - Virtual size: 687KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 272KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3617128790c26e59f585e7d070e34017

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

Exports

Exports

Sections

.itext Size: - Virtual size: 2KB

.text Size: 52KB - Virtual size: 687KB

.idata Size: 272KB - Virtual size: 271KB

.rsrc Size: 68KB - Virtual size: 64KB

.itext
Size: - Virtual size: 2KB

.text
Size: 52KB - Virtual size: 687KB

.idata
Size: 272KB - Virtual size: 271KB

.rsrc
Size: 68KB - Virtual size: 64KB