e7a786c8643a844e2d69cf658d966bd5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e7a786c8643a844e2d69cf658d966bd5_JaffaCakes118
Size

501KB
MD5

e7a786c8643a844e2d69cf658d966bd5
SHA1

a98ce54a952e86789ce289d704b5f4620ca7f635
SHA256

7b41e9bf814faf836e660aab8db4d578f8e1e47d9da11b5cfc32efa61f22f059
SHA512

5e8108032a287cebf724c229fac3b2c1b0abcce210097cb7a37e21cad2638aef9e65adaa2514cccb54efb9e2733c05335ba4ce67173af1a6fe102437352dad67
SSDEEP

6144:9qer9lZxBXpvW0WB8ZZWgRCDOQ3CkQnFkkr1R0MQsMCV4gMfowNSsr+YD5J+h1Lo:9qu9vXpvW0UMtRCDDy3lr4fk2Zf2XLmJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e7a786c8643a844e2d69cf658d966bd5_JaffaCakes118

Files

e7a786c8643a844e2d69cf658d966bd5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

70cfc975c9a8ebbe8914e857730f8078

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

HeapAlloc
WaitForMultipleObjects
CreateEventA
LockResource
SizeofResource
LoadResource
FindResourceA
GetVolumeInformationA
HeapCreate
Sleep
SetConsoleTitleA
lstrcpyA
GetTickCount
GetCurrentProcessId
GetConsoleTitleA
GetLastError
SetEndOfFile
CreateFileW
SetStdHandle
WriteConsoleW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
HeapSize
HeapReAlloc
GetStringTypeW
IsValidCodePage
CreateFileA
GetACP
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
SetFilePointer
ReadFile
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetFileType
WaitForSingleObject
GetModuleFileNameW
GetStdHandle
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLocaleInfoW
LoadLibraryW
GetProcAddress
WriteFile
lstrlenA
lstrcpynA
GetWindowsDirectoryA
ReleaseMutex
GetOEMCP
CloseHandle
GetCurrentThreadId
GetVersion
LoadLibraryA
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
GetCPInfo
MultiByteToWideChar
LCMapStringW
WideCharToMultiByte
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetProcessHeap
RtlUnwind
ExitProcess
GetModuleHandleW
RaiseException
HeapFree
DecodePointer
EncodePointer
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedIncrement
SetHandleCount
InterlockedDecrement

user32

GetDlgCtrlID
GetSysColor
GetDlgItem
SetClipboardData
OpenClipboard
SetMenu
AttachThreadInput
MessageBoxA
EnableMenuItem
UpdateWindow
SendMessageW
SetCapture
GetDC
DeleteMenu
GetSystemMenu
FindWindowExA
InvalidateRect
GetClientRect
SetRect
DefWindowProcA
UnionRect
CheckRadioButton
IsDlgButtonChecked
EndDialog
GetClassWord
wsprintfA
GetWindowTextA
FindWindowA
WindowFromPoint
SendMessageA
GetWindowContextHelpId
MonitorFromWindow
GetKeyboardType
GetForegroundWindow
GetWindowTextLengthA
EnableWindow
GetPropA
SetPropA
SetForegroundWindow
RemovePropA
PostMessageA

gdi32

Polyline
DeleteObject
CreateFontIndirectA
EnumFontFamiliesA
SelectObject
CreateSolidBrush
CreatePen

advapi32

SetNamedSecurityInfoA
InitializeSecurityDescriptor
AllocateAndInitializeSid

shell32

SHGetPathFromIDListA

ole32

RegisterDragDrop
CoInitialize

oleaut32

SafeArrayCreateVectorEx
VariantTimeToSystemTime
SystemTimeToVariantTime

msacm32

acmStreamOpen
acmStreamPrepareHeader
acmStreamClose
acmStreamUnprepareHeader

winmm

mmioAscend
mmioClose
mmioDescend
mmioCreateChunk
mmioRead
mmioWrite
mmioOpenW
mmioOpenA

shlwapi

PathStripToRootA
PathFileExistsA
PathRemoveFileSpecA
PathFindFileNameA
PathFindExtensionA
wnsprintfA
StrToIntExA
StrCmpNIA
PathAppendA

comctl32

ImageList_Create

Sections

.text
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.odata
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cidata
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xave
Size: 512B - Virtual size: 295B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

70cfc975c9a8ebbe8914e857730f8078

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

msacm32

winmm

shlwapi

comctl32

Sections

.text Size: 131KB - Virtual size: 131KB

.rdata Size: 31KB - Virtual size: 31KB

.data Size: 6KB - Virtual size: 13KB

.odata Size: 155KB - Virtual size: 154KB

.cidata Size: 120KB - Virtual size: 120KB

.xave Size: 512B - Virtual size: 295B

.rsrc Size: 55KB - Virtual size: 55KB

.text
Size: 131KB - Virtual size: 131KB

.rdata
Size: 31KB - Virtual size: 31KB

.data
Size: 6KB - Virtual size: 13KB

.odata
Size: 155KB - Virtual size: 154KB

.cidata
Size: 120KB - Virtual size: 120KB

.xave
Size: 512B - Virtual size: 295B

.rsrc
Size: 55KB - Virtual size: 55KB