eedc6ece437f7a34abf793dc9400ae76_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

eedc6ece437f7a34abf793dc9400ae76_JaffaCakes118
Size

467KB
MD5

eedc6ece437f7a34abf793dc9400ae76
SHA1

2e3e6f6faf8a9661ba46908a903da08a4126044b
SHA256

5cb9d7744b561570a529f2820f392dad98aa52c4dfd9ebe771a6381636fe8cae
SHA512

b3356777df19cabc9070682c3be2fdfbd93cd902136dfe829698fa9fa86cb495fb9732c27c42aa6510bd79ecc449e16ba0758d2727a1a877cbe99bb3c5173e0e
SSDEEP

6144:2DOcDOxAYNKc6oerYWfIZZVxYeOaUowKkxgkEfEUbfxCh0fO/W/cvd5nQH3lFCCs:2OcDOxAQKc4YWKe/7mvCh0CRvdP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eedc6ece437f7a34abf793dc9400ae76_JaffaCakes118

Files

eedc6ece437f7a34abf793dc9400ae76_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f414a30f1f4e18e2627b1af0ba6dbcae

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

PDB Paths

H:\flow\reproductivity\act\scripts.pdb

Imports

kernel32

FlushFileBuffers
VirtualQuery
FreeLibrary
GetConsoleMode
GetConsoleCP
SetFilePointer
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
GetStringTypeW
HeapFree
HeapQueryInformation
HeapSize
HeapReAlloc
IsProcessorFeaturePresent
RtlUnwind
LoadLibraryW
WriteFile
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection
SetLastError
GetModuleHandleW
GetProcAddress
TlsFree
GetCurrentThreadId
DecodePointer
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
InterlockedIncrement
MultiByteToWideChar
LCMapStringW
IsBadReadPtr
HeapValidate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
CloseHandle
CreateFileW
LocalFree
GetCurrentProcessId
CreateMutexA
GetModuleHandleA
LocalAlloc
OpenMutexA
GetThreadLocale
GetLastError
SetThreadLocale
HeapCreate
CreateEventA
WideCharToMultiByte
InitializeCriticalSection
GetDateFormatA
ExitProcess
FormatMessageA
GetProcessHeap
GetTimeFormatA
TerminateProcess
RaiseException
GetStartupInfoW
HeapSetInformation
GetCommandLineA
CreateDirectoryA
WaitForSingleObject
InterlockedDecrement
HeapAlloc
GetLocaleInfoA
lstrlenA
DeleteCriticalSection

user32

RegisterClassA
GetWindow
SetDlgItemTextA
DestroyIcon
DialogBoxParamA
LoadCursorA
GetKeyboardLayoutNameA
EndPaint
DestroyWindow
DdeCreateStringHandleA
PostQuitMessage
GetSubMenu
LoadBitmapA
GetParent
LoadMenuA
LoadIconA
wsprintfA
GetClientRect
SendMessageA
BeginPaint
DestroyMenu
GetDC
SetRect
MessageBoxA
UnionRect
DdeCreateDataHandle
GetWindowLongA
ReleaseDC
GetDlgItem
DefWindowProcA
LoadAcceleratorsA
ShowWindow
IsDlgButtonChecked
CheckRadioButton
DdeNameService
SetWindowTextA
LoadImageA
UpdateWindow
EnableWindow

gdi32

BitBlt
CreateBitmap
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
Rectangle
GdiSetBatchLimit
Ellipse
CreateRectRgn
GetObjectA
GetStockObject
CreateSolidBrush
EnumFontsA
DeleteDC

shell32

SHGetFolderPathA

ole32

CoCreateInstance
CoSetProxyBlanket
CoUninitialize
CoInitializeSecurity
CoInitialize
CoInitializeEx
CoTaskMemFree
CoTaskMemAlloc

oleaut32

VariantChangeType
SysFreeString
VariantInit
GetErrorInfo
VariantClear
SysStringLen
SysAllocString

mpr

WNetConnectionDialog

crypt32

CertGetNameStringA

shlwapi

PathCompactPathA

comctl32

ImageList_ReplaceIcon

snmpapi

SnmpSvcGetUptime

Sections

.text
Size: 247KB - Virtual size: 247KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f414a30f1f4e18e2627b1af0ba6dbcae

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

shell32

ole32

oleaut32

mpr

crypt32

shlwapi

comctl32

snmpapi

Sections

.text Size: 247KB - Virtual size: 247KB

.rdata Size: 143KB - Virtual size: 142KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 71KB - Virtual size: 70KB

.text
Size: 247KB - Virtual size: 247KB

.rdata
Size: 143KB - Virtual size: 142KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 71KB - Virtual size: 70KB