2aa7ae727ca5ed7f151fba39b474bd3b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2aa7ae727ca5ed7f151fba39b474bd3b_JaffaCakes118
Size

457KB
MD5

2aa7ae727ca5ed7f151fba39b474bd3b
SHA1

2918fce8c7b6b537542df0e2f45189f4124520f1
SHA256

eebbc87ef13198e712575908537ca0ccaf021276db30884f2c5ee585df2cb9a9
SHA512

1a90878e73a2821bac9d32a3f3d12ea894d35797cf134ad7a4ddbacd875ef79cbf217c6977ceed1f84fbdbda9bbf55a79c30fb8a484883bd0b99011dd44d1030
SSDEEP

6144:H7XaGrm+XHWFOQxxBnTkZ29l2xI+s4IyQu1IhkG0rgILM4cuPVcEv:bXdrmsHWjxxBTUZuiEGIhkGcgInBPCEv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2aa7ae727ca5ed7f151fba39b474bd3b_JaffaCakes118

Files

2aa7ae727ca5ed7f151fba39b474bd3b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d7e48a28e65a9b41882d85e46db590b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\oxhoevyegz\eeau\ohzo

Imports

comctl32

ImageList_GetIcon
ImageList_Write
DrawStatusText
InitCommonControlsEx
ImageList_LoadImageA
CreateUpDownControl
GetEffectiveClientRect
ImageList_DrawIndirect

kernel32

HeapDestroy
GetVersion
SetFilePointer
GetTickCount
MultiByteToWideChar
GetCurrentThread
GetSystemTimeAsFileTime
CreateMutexA
GetCurrentProcessId
TlsGetValue
HeapReAlloc
VirtualFree
GetStdHandle
SetLastError
VirtualAlloc
SetStdHandle
EnterCriticalSection
TlsSetValue
TerminateProcess
GetFileType
RtlUnwind
GetCommandLineA
WideCharToMultiByte
GetModuleFileNameA
SetEnvironmentVariableA
CompareStringA
GetModuleFileNameW
GetTimeZoneInformation
GetFullPathNameW
GetCPInfo
InterlockedDecrement
GetEnvironmentStringsW
LeaveCriticalSection
TlsFree
FlushFileBuffers
OpenMutexA
CreateWaitableTimerA
DeleteCriticalSection
GetLastError
QueryPerformanceCounter
GetLocalTime
HeapCreate
GetEnvironmentStrings
ReadFile
GetProcAddress
GetSystemTime
LCMapStringA
UnhandledExceptionFilter
TlsAlloc
CompareStringW
GetStartupInfoA
LoadLibraryA
FreeEnvironmentStringsW
InitializeCriticalSection
VirtualQuery
InterlockedExchange
GetStartupInfoW
GetCommandLineW
InterlockedIncrement
SetHandleCount
HeapFree
WriteFile
GetCurrentThreadId
GetStringTypeW
GetModuleHandleA
GetCurrentProcess
ExitProcess
GetStringTypeA
LCMapStringW
FillConsoleOutputAttribute
GetProcessAffinityMask
IsBadWritePtr
CloseHandle
FreeEnvironmentStringsA
HeapAlloc

advapi32

CryptReleaseContext
CryptSetProviderW
RegQueryValueW
RegOpenKeyExW
RegFlushKey
CryptSetProviderExW
RegCreateKeyW
CryptGenKey
CryptGetUserKey
RevertToSelf
RegSetKeySecurity
RegDeleteKeyW
CryptGetDefaultProviderA

gdi32

RemoveFontResourceW
GetTextExtentPointW
SetMetaRgn
ExtCreatePen
SetEnhMetaFileBits
GetPaletteEntries
TextOutA
GetCharWidthFloatA
GetLogColorSpaceW
CreateDiscardableBitmap
EndPath
GetWinMetaFileBits
GetEnhMetaFileBits
UpdateColors
PaintRgn
GetPixel
GetTextFaceA
SetBkMode
SetWindowOrgEx
SetICMProfileW
Escape

user32

DestroyCursor
GetSubMenu
GetScrollBarInfo
GetPropW
CreateWindowExW
MessageBoxA
LoadBitmapW
SetWindowsHookExW
UpdateWindow
RegisterClassA
ShowWindow
ReleaseDC
UnionRect
WINNLSGetEnableStatus
SwitchToThisWindow
CharPrevW
RegisterClassExA
GetWindowRect

shell32

DragQueryFile
ExtractIconEx

Sections

.text
Size: 305KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7e48a28e65a9b41882d85e46db590b2

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

advapi32

gdi32

user32

shell32

Sections

.text Size: 305KB - Virtual size: 304KB

.rdata Size: 33KB - Virtual size: 47KB

.data Size: 101KB - Virtual size: 101KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 305KB - Virtual size: 304KB

.rdata
Size: 33KB - Virtual size: 47KB

.data
Size: 101KB - Virtual size: 101KB

.rsrc
Size: 16KB - Virtual size: 16KB