2a766f865831cf40a59476292058f946_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2a766f865831cf40a59476292058f946_JaffaCakes118
Size

174KB
MD5

2a766f865831cf40a59476292058f946
SHA1

29c7d59fa1d784b4b8a1088d0779dde6c4bfbd59
SHA256

65d998ea6abb9df03fed6dda24e34e6e0ff4e545fc22b527aae0b740f089c5ff
SHA512

06533a19beba93efd2d23ee8210660b147da39ba3d2557596060b3a0b4a2e4b420352f28b36628ce2d47cf393c304f51eaa67989dd9b544daa165b0f3eaf0f64
SSDEEP

3072:UhyXvXJfVWHkfdrrWWZlndI2JJmobYKd2vWAykvLXsLyP83thau4tfaYdV:U8vXnfdfvBrdb5Es+83L3a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a766f865831cf40a59476292058f946_JaffaCakes118

Files

2a766f865831cf40a59476292058f946_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0c505146e40367d2e19605b8e1f7af23

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
DisableThreadLibraryCalls
GetACP
WaitCommEvent
LoadLibraryW
OutputDebugStringW
CreateDirectoryW
GlobalLock
InterlockedExchange
GetSystemTimeAsFileTime
WaitCommEvent
ExitProcess
GlobalUnlock
EnumResourceNamesW
CopyFileW
GetTickCount
LocalFree
GlobalAlloc
CreateFileW
GetModuleFileNameA
GetLastError
GetFullPathNameW
QueryPerformanceCounter
ExitProcess
CloseHandle
SetFileAttributesW
GetVersionExA
GetCurrentProcessId
LocalAlloc
GetCurrentThreadId
GetLocaleInfoA

gdi32

StretchBlt
BitBlt
LineTo
SetStretchBltMode
SelectObject
CreateDIBSection
GetObjectType
CreateCompatibleDC
CreateDCW
DeleteDC
CreatePen
CreateBitmap

user32

InvalidateRect
TrackPopupMenuEx
SetParent
RedrawWindow
CreatePopupMenu
SetCursor
GetFocus
DestroyMenu
SetWindowPos
IsWindow
LoadCursorW
GetDesktopWindow
ClipCursor
EnableWindow
PtInRect

advapi32

RegQueryValueExW
RegSetValueW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyW
RegDeleteKeyW
RegCloseKey
RegEnumKeyExW

gdiplus

GdipGetImageHeight
GdipCreateBitmapFromFile
GdipGetImageWidth
GdipGetImagePixelFormat
GdipDisposeImage

winmm

timeGetTime

msimg32

AlphaBlend
TransparentBlt

comctl32

ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter

ole32

CoFreeUnusedLibraries
CoInitialize
StringFromGUID2
CoUninitialize
CoCreateInstance

Sections

.text
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsr
Size: 512B - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c505146e40367d2e19605b8e1f7af23

Headers

File Characteristics

Imports

kernel32

gdi32

user32

advapi32

gdiplus

winmm

msimg32

comctl32

ole32

Sections

.text Size: 133KB - Virtual size: 132KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 37KB - Virtual size: 36KB

.rsr Size: 512B - Virtual size: 204KB

.text
Size: 133KB - Virtual size: 132KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 37KB - Virtual size: 36KB

.rsr
Size: 512B - Virtual size: 204KB