ea64b9ebb8714625a3554b3fb3a7b672_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ea64b9ebb8714625a3554b3fb3a7b672_JaffaCakes118
Size

281KB
MD5

ea64b9ebb8714625a3554b3fb3a7b672
SHA1

a791f9912472d2d1d63f966e09a941e9c9f5c963
SHA256

0fbb44c24a4221b19030e1f5543fd7bde328013d150e3c36cbc15bd3a5061607
SHA512

8c96e585913d327a089593c047153e54f9314270587c1b5448d484f933a1ce5a5f9b0bc079d7b94face218408a0e30c9f0d32682e79a16dca0766bd1bcd6c764
SSDEEP

6144:xLjNVAQq73ts4IMvc6eFrhUBHzeDPHLRc5:xnAlTts4JChyzerHtc5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea64b9ebb8714625a3554b3fb3a7b672_JaffaCakes118

Files

ea64b9ebb8714625a3554b3fb3a7b672_JaffaCakes118
.exe windows:4 windows x86 arch:x86

23f99ed004dec4de9f827d939eb879d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsRelativeW
PathFindFileNameW
PathRemoveExtensionW
PathCanonicalizeW
PathIsURLW
PathStripToRootW
PathStripPathW
PathIsRootW
PathFileExistsW

gdi32

DeleteDC
SetViewportOrgEx
SetWindowExtEx
CreateMetaFileW
RestoreDC
SetTextAlign
SaveDC
CloseMetaFile
CreateFontIndirectW
LPtoDP
GetDeviceCaps
SetWindowOrgEx
CreateRectRgnIndirect
TextOutW
DeleteMetaFile
DeleteObject
SetMapMode

kernel32

GlobalAlloc
EnumResourceNamesW
FlushInstructionCache
FreeLibrary
lstrlenA
LeaveCriticalSection
RaiseException
RemoveDirectoryW
IsDebuggerPresent
lstrlenW
LoadResource
GetSystemTimeAsFileTime
ExpandEnvironmentStringsW
GetACP
TlsGetValue
VirtualFree
GetCurrentThreadId
GetProcessHeap
InterlockedPopEntrySList
UnhandledExceptionFilter
GlobalUnlock
MulDiv
LocalAlloc
IsProcessorFeaturePresent
FindResourceExW
WaitForSingleObject
IsValidCodePage
SetFileAttributesA
CreateFileMappingW
OutputDebugStringW
DeleteCriticalSection
GlobalLock
GetShortPathNameW
GetModuleHandleW
GetComputerNameW
CreateFileA
TlsAlloc
CreateFileW
CopyFileW
SetThreadPriority
GetSystemDefaultLCID
GetFileSize
FindResourceW
GetCurrentDirectoryW
CreateDirectoryW
HeapReAlloc
InterlockedPushEntrySList
HeapDestroy
CopyFileA
VirtualAlloc
HeapFree
FindNextFileW
ReadFile
FindClose
FindFirstFileW
MapViewOfFile
EnterCriticalSection
LockResource
WideCharToMultiByte
UnmapViewOfFile
HeapSize
SwitchToThread
SetFileAttributesW
TlsSetValue
HeapAlloc
TlsFree
CreateThread
CreateEventW
CloseHandle
lstrcmpW
SetUnhandledExceptionFilter
SizeofResource
SetLastError
GetFullPathNameW
InitializeCriticalSectionAndSpinCount
CompareFileTime
VirtualAllocEx

oleaut32

SysStringByteLen
SysStringLen
SysAllocString
VariantInit
RegisterTypeLi
VariantChangeType
SafeArrayLock
SysFreeString
GetErrorInfo
VarBstrCat
LoadTypeLi
DispCallFunc
SysAllocStringByteLen
SafeArrayCreate
SafeArrayUnaccessData
SafeArrayCopy
VariantClear
SafeArrayDestroy
LoadRegTypeLi
SafeArrayGetUBound
VarBstrCmp
SysAllocStringLen
SafeArrayGetElement
VariantCopy
SafeArrayGetVartype
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayUnlock
OleCreatePropertyFrame
UnRegisterTypeLi

user32

RegisterClassExW
MonitorFromWindow
OffsetRect
MessageBoxExW
GetParent
LoadCursorW
SetFocus
IntersectRect
GetMonitorInfoW
EnableWindow
GetMenu
PtInRect
MapWindowPoints
CharToOemBuffA
UnionRect
IsWindowEnabled
EndDialog
EndPaint
CharNextW
IsChild
SendMessageA
BeginPaint
MapDialogRect
GetClassNameW
SetWindowRgn
SetCursor
GetWindowRect
InvalidateRect
UnhookWindowsHookEx
CreateWindowExW
DefWindowProcW
SendMessageW
UnregisterClassA
CallNextHookEx
EqualRect
PostMessageW
GetWindowLongW
GetDC
DestroyWindow
ShowWindow
SetWindowPos
GetKeyState
AdjustWindowRectEx
SetWindowTextW
SetWindowContextHelpId
CallWindowProcW
GetClientRect
GetFocus
ReleaseDC
GetClassInfoExW
GetWindow
SetWindowLongW
GetWindowTextLengthW
GetWindowTextW
IsWindow
SetWindowsHookExW

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExA
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW

ole32

CoTaskMemAlloc
ProgIDFromCLSID
CLSIDFromProgID
IIDFromString
OleRegEnumVerbs
CreateDataAdviseHolder
CoCreateInstance
StringFromGUID2
OleRegGetMiscStatus
CreateStreamOnHGlobal
CreateOleAdviseHolder
CLSIDFromString
OleRegGetUserType
StringFromCLSID
CoCreateGuid
CoTaskMemFree

userenv

GetProfileType
UnloadUserProfile
FreeGPOListW
GetAllUsersProfileDirectoryW
DllGetClassObject
UnregisterGPNotification

loadperf

InstallPerfDllW

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 248KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

23f99ed004dec4de9f827d939eb879d4

Headers

File Characteristics

Imports

shlwapi

gdi32

kernel32

oleaut32

user32

advapi32

ole32

userenv

loadperf

Sections

.text Size: 15KB - Virtual size: 14KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 248KB - Virtual size: 249KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 15KB - Virtual size: 14KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 248KB - Virtual size: 249KB

.rsrc
Size: 11KB - Virtual size: 11KB