e1eabffe946b03a4225d44605a92f1a1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e1eabffe946b03a4225d44605a92f1a1_JaffaCakes118
Size

217KB
MD5

e1eabffe946b03a4225d44605a92f1a1
SHA1

29a815927da8ed2ae0570cb3230cb2e46dd62dad
SHA256

ca559baf16ee4048bef039c1df795d328e5d1722d8c91702cdca4ffc94553ff9
SHA512

6f89126a3e38f2943c4de43a3ee41543f3be34e48ed843e380228a8939779279a85edfc8f04842c603cd4fff2daefe9186b5ef3e3832d30adafdfe1b541fc9a2
SSDEEP

6144:sEkuJl6OO7ZkT6hCarV5zpuY3iHRnBVsMgl8O:Nku36Vd3rV59uxml8O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1eabffe946b03a4225d44605a92f1a1_JaffaCakes118

Files

e1eabffe946b03a4225d44605a92f1a1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ba535750e98406c00ea729c6e4297524

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetComputerNameA
lstrlen
lstrcmp
FindResourceW
IsBadStringPtrA
FileTimeToSystemTime
lstrcmpW
Beep
LoadLibraryA
ExpandEnvironmentStringsW
GetWindowsDirectoryW
GetCalendarInfoW
GlobalGetAtomNameA
Sleep
GetCurrentThreadId
lstrcmpi
GetVersionExW
GetTempPathW
CopyFileExA
GetTickCount
IsBadWritePtr
GetVolumeInformationA
GetLocalTime
GetThreadLocale
SetUnhandledExceptionFilter
GetSystemDirectoryA
RemoveDirectoryA
SearchPathA
IsBadReadPtr
LoadLibraryA
GetNumberFormatW
MoveFileA
GetShortPathNameW
GetModuleHandleW
GetFileAttributesW
RaiseException
GetExpandedNameA
lstrcpy
CreateNamedPipeA
GetProcAddress
SetCalendarInfoA
GetSystemTime
GetUserDefaultLangID

user32

PeekMessageW
RegisterClassExW
WaitForInputIdle
GetWindowRgn
AppendMenuW
ActivateKeyboardLayout
GetMenuItemID
GetMenuItemInfoW
PostMessageW
LoadCursorW
CreateAcceleratorTableW
InvalidateRect
GetForegroundWindow
CopyRect
InsertMenuA
GetKeyboardLayout
CreateDialogIndirectParamW
TrackPopupMenuEx
RegisterWindowMessageA
LoadCursorA
MessageBoxA
LoadImageW
GetDlgItemTextW
DestroyMenu
SetDlgItemTextA

gdi32

CreateRectRgn
CreateDIBPatternBrush
GetMetaFileA
CreateColorSpaceA
CreateDIBPatternBrushPt
GetEnhMetaFileA
AddFontResourceA
CreateMetaFileW
RemoveFontResourceExA
CreateScalableFontResourceA
CreateCompatibleDC
TranslateCharsetInfo
CreateScalableFontResourceW
CreateFontIndirectA
CreateFontW
CreateEllipticRgn
CreateICA
CreateFontIndirectExA
CreateFontIndirectW
CreateDIBSection

shell32

ExtractAssociatedIconW
StrStrIA
StrCmpNIW
ExtractIconExA
StrNCmpIW
StrCmpNIA
ShellExecuteExW
StrRChrW

comctl32

CreateStatusWindowA
ImageList_LoadImageW
ImageList_GetImageRect
FlatSB_EnableScrollBar
ImageList_Draw

opengl32

glColor3iv
glGetMaterialiv
glTexCoord4f
glVertex2f
glClearColor

wininet

InternetOpenA
InternetReadFileExW
InternetGetCookieW
RetrieveUrlCacheEntryStreamA
FtpCreateDirectoryW
RegisterUrlCacheNotification
FindNextUrlCacheEntryA
InternetConfirmZoneCrossing
GopherGetLocatorTypeA

wsock32

WSAAsyncGetServByName
rcmd
SetServiceA
NPLoadNameSpaces
SetServiceW
sethostname
WSAAsyncSelect
WSAUnhookBlockingHook
TransmitFile
EnumProtocolsA

Sections

.ran
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.EvdqS
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.prJDdF
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.U
Size: 2KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yLT
Size: 4KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jpUdY
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.OAU
Size: 8KB - Virtual size: 323KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yy
Size: 1KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ba535750e98406c00ea729c6e4297524

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comctl32

opengl32

wininet

wsock32

Sections

.ran Size: 3KB - Virtual size: 3KB

.EvdqS Size: 83KB - Virtual size: 82KB

.prJDdF Size: 12KB - Virtual size: 12KB

.U Size: 2KB - Virtual size: 75KB

.yLT Size: 4KB - Virtual size: 51KB

.jpUdY Size: 86KB - Virtual size: 85KB

.OAU Size: 8KB - Virtual size: 323KB

.yy Size: 1KB - Virtual size: 168KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 1024B - Virtual size: 1024B

.ran
Size: 3KB - Virtual size: 3KB

.EvdqS
Size: 83KB - Virtual size: 82KB

.prJDdF
Size: 12KB - Virtual size: 12KB

.U
Size: 2KB - Virtual size: 75KB

.yLT
Size: 4KB - Virtual size: 51KB

.jpUdY
Size: 86KB - Virtual size: 85KB

.OAU
Size: 8KB - Virtual size: 323KB

.yy
Size: 1KB - Virtual size: 168KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 1024B - Virtual size: 1024B