2a044dbc726ceae01947138300c0c191_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2a044dbc726ceae01947138300c0c191_JaffaCakes118
Size

66KB
MD5

2a044dbc726ceae01947138300c0c191
SHA1

c54fe7de3d3a32003e8d14deac20349886c0fb00
SHA256

b0e683bee0c880cda29faaaf8e4079124585f22afae26b89460c532a1a76af0e
SHA512

ef57834ee3ea0a0d978d8c5f459ad4893cd282c9be8abb23a9f757252703056769ab34672db5ce89f020f778d27b193ec254de7b81f2bbbe34102753f499ab04
SSDEEP

1536:CLgywerZPy8kYUaD5wjLp1yxD4azeVK5grN:7yweFkQDO1yxJyso

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a044dbc726ceae01947138300c0c191_JaffaCakes118

Files

2a044dbc726ceae01947138300c0c191_JaffaCakes118
.exe windows:4 windows x86 arch:x86

10f3cec901473d16688a9bb1d200a827

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CryptUnprotectData
CryptProtectData

ole32

CLSIDFromString
CoUninitialize
CoTaskMemAlloc
CoInitializeSecurity
OleLockRunning
StringFromGUID2
StringFromCLSID
CoSetProxyBlanket
CoInitializeEx
CoCreateInstance
CoTaskMemFree
CreateStreamOnHGlobal
CLSIDFromProgID
OleInitialize
CoGetClassObject
OleUninitialize
CoAllowSetForegroundWindow
CoCreateGuid

secur32

GetUserNameExW

gdiplus

GdipCreateBitmapFromFile
GdipCreateHBITMAPFromBitmap
GdiplusShutdown
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipAlloc
GdipFree
GdipCreateBitmapFromFileICM

msvcrt

__set_app_type
_amsg_exit
_initterm
memcpy
fabs
_initterm
memset
__p__fmode
?terminate@@YAXXZ
_controlfp
_exit
_cexit
__wgetmainargs
_wtoi64
_wcmdln
exit
__p__commode
__setusermatherr
iswdigit
_XcptFilter

wtsapi32

WTSFreeMemory
WTSEnumerateSessionsW
WTSUnRegisterSessionNotification
WTSQuerySessionInformationW
WTSRegisterSessionNotification

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

kernel32

RaiseException
HeapSize
GetModuleFileNameW
HeapFree
InterlockedDecrement
SizeofResource
InitializeCriticalSection
WaitForSingleObject
LoadLibraryW
SetEvent
LocalAlloc
GetLastError
CreateMutexW
CreateEventW
LockResource
LCMapStringW
WaitForMultipleObjects
GetACP
InterlockedIncrement
GetCurrentThreadId
QueryPerformanceCounter
Sleep
IsProcessorFeaturePresent
LocalFree
CreateFileW
EnterCriticalSection
GlobalUnlock
GetTickCount
LoadResource
SetLastError
GlobalFree
VirtualLock
FlushInstructionCache
MultiByteToWideChar
GetVersionExA
VirtualUnlock
lstrlenW
GetSystemInfo
LoadLibraryA
GetTempPathW
VirtualAlloc
HeapSetInformation
WideCharToMultiByte
GetProcessId
UnhandledExceptionFilter
ProcessIdToSessionId
ResetEvent
FindResourceExW
FreeLibrary
TerminateProcess
VirtualFree
InterlockedExchange
lstrcmpW
GetVersionExW
LeaveCriticalSection
GetLocaleInfoW
SetUnhandledExceptionFilter
GetCurrentProcess
GlobalLock
ReleaseMutex
GetProcAddress
GlobalHandle
GlobalAlloc
GetStartupInfoW
DeleteCriticalSection
GetComputerNameW
OpenProcess
CloseHandle
FormatMessageW
GetLocaleInfoA
CreateThread
GetThreadLocale
HeapDestroy
LoadLibraryExW
MulDiv
HeapAlloc
FindResourceW
GetSystemTimeAsFileTime
IsDebuggerPresent
HeapReAlloc
GetSystemDirectoryW
lstrlenA
InterlockedCompareExchange
GetModuleHandleW

shlwapi

UrlCombineW
UrlCanonicalizeW
UrlGetPartW
PathCombineW
UrlApplySchemeW
PathAppendW

ddraw

DirectDrawCreate
DirectDrawCreateEx

gdi32

DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
GetDeviceCaps
BitBlt
CreateSolidBrush
DeleteDC
SelectObject
GetStockObject
GetObjectW

shell32

CommandLineToArgvW
SHAppBarMessage
Shell_NotifyIconW
SHGetFolderPathW
ShellExecuteW
FindExecutableW
ShellExecuteExW

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10f3cec901473d16688a9bb1d200a827

Headers

File Characteristics

Imports

crypt32

ole32

secur32

gdiplus

msvcrt

wtsapi32

version

kernel32

shlwapi

ddraw

gdi32

shell32

Sections

.text Size: 35KB - Virtual size: 34KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 22KB - Virtual size: 22KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 35KB - Virtual size: 34KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 22KB - Virtual size: 22KB

.rsrc
Size: 2KB - Virtual size: 2KB