d2ebe8fcb06183bc2f708d836e3ed085_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d2ebe8fcb06183bc2f708d836e3ed085_JaffaCakes118
Size

263KB
MD5

d2ebe8fcb06183bc2f708d836e3ed085
SHA1

47e2d538a0cac8fbe0d1150541a9d1bc52706b4f
SHA256

e6c350cc04d3bd3d1e407aa1611c655c9850530024bcc0580bbad0044caa7978
SHA512

14a0d164f38a3a475c1cf273c2da65762ee3c538a770fc1df22a6ef9b5642764060f027057b5df2c392a09541950d3eeb441a758931dddc838929a4117eef0d9
SSDEEP

3072:AFVcIYf7QdxdG6/mlK9/k2R7hWIQ5ojajUjg7IJp9S+CC+c7AwzcrlCVltWVXHp/:IxJk2RNW37UjP9xscEXltRhn7xgS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d2ebe8fcb06183bc2f708d836e3ed085_JaffaCakes118

Files

d2ebe8fcb06183bc2f708d836e3ed085_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bc9465ac8a90bafd755d9774b89ba923

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
RemoveDirectoryW
GetWindowsDirectoryW
WritePrivateProfileStringW
CreateProcessW
SystemTimeToFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetSystemTimeAsFileTime
CreateDirectoryW
ExpandEnvironmentStringsA
LoadLibraryExW
GetSystemTime
GetPrivateProfileIntW
GetLocalTime
WriteFile
SetFileAttributesW
CreateEventW
WaitForSingleObject
DeleteFileW
OutputDebugStringW
lstrcmpW
CompareFileTime
lstrcmpiW
FreeResource
FindResourceW
LoadResource
LockResource
GetPrivateProfileStringW
FreeLibrary
FindNextFileW
FindClose
MoveFileW
FileTimeToSystemTime
GetTimeFormatW
FindFirstFileW
GetDateFormatW
CloseHandle
CreateFileW
ReadFile
lstrcpynW
SetLastError
GetModuleHandleW
lstrlenW
lstrlenA
WideCharToMultiByte
LocalFree
GetVersion
VirtualAlloc

user32

GetSysColorBrush
RemoveMenu
GetSubMenu
GetSysColor
InflateRect
LoadCursorW
FrameRect
GetFocus
IsRectEmpty
DrawStateW
IsWindow
PtInRect
SetTimer
UpdateWindow
InvalidateRect
GetCursorPos
ScreenToClient
KillTimer
RegisterWindowMessageW
GetTopWindow
MoveWindow
GetDlgItem
GetClassNameW
BringWindowToTop
SetScrollPos
GetForegroundWindow
LoadStringW
DispatchMessageW
TranslateMessage
PeekMessageW
GetMenuState
InsertMenuW
GetMenuItemCount
AppendMenuW
LoadBitmapW
CreatePopupMenu
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetDesktopWindow
SystemParametersInfoW
DrawEdge
EnableWindow
SendMessageW
ReleaseDC
GetDC
GetParent
GetWindowRect
GetDlgCtrlID
IsWindowVisible
SetWindowPos
RedrawWindow
GetClientRect
SetDlgItemTextW
GetSystemMetrics
CreateDialogParamW
DestroyWindow
GetMessagePos
DestroyIcon
EnableMenuItem
LoadAcceleratorsW
DeleteMenu
DestroyAcceleratorTable
TranslateAcceleratorW
GetWindow
PostMessageW
FillRect
CopyRect
SetRect
GetMenuItemInfoW
CreateMenu
DrawIconEx
GetMenuItemID
ModifyMenuW

gdi32

ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateCompatibleDC
CreateCompatibleBitmap
Rectangle
CreateFontIndirectW
GetBkMode
CreatePen
CreateRectRgnIndirect
GetBkColor
GetCurrentObject
CreateRectRgn
CreateHatchBrush
PatBlt
SetPixel
CreateDIBSection
SelectObject
DeleteDC
Ellipse
GetTextExtentPoint32W
BitBlt
EndPage
GetTextMetricsW
StartPage
GetDeviceCaps
StartDocW
EndDoc
DeleteObject
CreatePatternBrush
CreateSolidBrush
GetObjectW
GetPixel
Polygon
Escape

advapi32

RegOpenKeyExA
RegQueryValueExA
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

SHGetFileInfoW
ShellExecuteW

comctl32

ImageList_GetIconSize

esent

JetCreateInstance

mshtmled

DllGetClassObject
DllCanUnloadNow

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.gQA
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh
Size: 1024B - Virtual size: 861B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.XQVG
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RbMLX
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CAk
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 214KB - Virtual size: 418KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jcv
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc9465ac8a90bafd755d9774b89ba923

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

esent

mshtmled

Sections

.text Size: 18KB - Virtual size: 18KB

.gQA Size: 1KB - Virtual size: 2KB

.eh Size: 1024B - Virtual size: 861B

.rdata Size: 4KB - Virtual size: 4KB

.XQVG Size: 1024B - Virtual size: 1KB

.RbMLX Size: 512B - Virtual size: 300B

.CAk Size: 1024B - Virtual size: 1KB

.data Size: 214KB - Virtual size: 418KB

.jcv Size: 2KB - Virtual size: 3KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 18KB - Virtual size: 18KB

.gQA
Size: 1KB - Virtual size: 2KB

.eh
Size: 1024B - Virtual size: 861B

.rdata
Size: 4KB - Virtual size: 4KB

.XQVG
Size: 1024B - Virtual size: 1KB

.RbMLX
Size: 512B - Virtual size: 300B

.CAk
Size: 1024B - Virtual size: 1KB

.data
Size: 214KB - Virtual size: 418KB

.jcv
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 18KB - Virtual size: 18KB