2aebe8b0606c68b813eca195183ebebe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2aebe8b0606c68b813eca195183ebebe_JaffaCakes118
Size

398KB
MD5

2aebe8b0606c68b813eca195183ebebe
SHA1

0cc1de52100da0992316a77807a7839cece8c0b0
SHA256

2be61258de5b08ef71b18f65315a5696f0ab1d2a77282474b9bfeb58244836fa
SHA512

81a51f305d52147206455cb806d0a13b6b08939e522ee35a0d61eab6580b058dca2abc66186d35ab89c2f15a570cf151bfde6debb06889ba8a5788d22eeb5000
SSDEEP

6144:nVuqdsY1jAmyLZIxvO+8ZS8BteZlA930PX39Wp8zBGrWxx/FZMBxtvW4akp:orY1UmylOdUSUIe0FWpuDgtvW+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2aebe8b0606c68b813eca195183ebebe_JaffaCakes118

Files

2aebe8b0606c68b813eca195183ebebe_JaffaCakes118
.exe windows:5 windows x86 arch:x86

77480c97ed2a9bc051d8164d8f8e3d07

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

gdi32

SelectPalette
CreateSolidBrush
RealizePalette
CreatePen
Arc
GetObjectW
SetBkMode
CreateHalftonePalette
SetBrushOrgEx
SetROP2

kernel32

FreeLibraryAndExitThread
SetFileTime
FreeLibrary
CreateEventA
ReleaseMutex
GetFullPathNameW
CopyFileW
QueryPerformanceCounter
WaitForSingleObject
lstrcatW
UnhandledExceptionFilter
GetShortPathNameW
GetLocalTime
CloseHandle
FindNextFileW
VirtualAllocEx
ExitThread
InterlockedIncrement
LeaveCriticalSection
lstrlenW
SetLastError
GlobalAlloc
FindClose
GetCommandLineW
GetTempPathW
GetTickCount
SizeofResource
lstrlenA
CreateDirectoryW
WaitForSingleObject
LoadLibraryW
CreateThread
DuplicateHandle
SetCurrentDirectoryW
SetEvent
LocalFileTimeToFileTime

user32

CopyRect
BeginDeferWindowPos
GetPropW
MsgWaitForMultipleObjects
SendMessageW
MapWindowPoints
GetCapture
DrawIconEx
CallWindowProcW
MessageBeep
IsRectEmpty
GetClassNameW
GetClassInfoW
DispatchMessageW
IsDlgButtonChecked
GetMonitorInfoW
BeginPaint
DestroyAcceleratorTable
DestroyWindow
PostThreadMessageW
GetDC
FindWindowExW
KillTimer
MonitorFromRect
IntersectRect
GetWindowTextW
SendDlgItemMessageW
FillRect
CopyImage
IsWindowVisible
MapDialogRect
PeekMessageW

advapi32

RegQueryInfoKeyW
RegCloseKey
OpenSCManagerW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW

shell32

SHGetFileInfoW
SHBrowseForFolderW
SHParseDisplayName
SHGetMalloc
SHGetDesktopFolder
ord152
ord18

shlwapi

PathRemoveExtensionW
PathFindFileNameW

gdiplus

GdipSaveImageToFile
GdiplusStartup
GdipCreateBitmapFromScan0
GdipGetImageDecoders
GdipGetImageEncodersSize
GdipCloneImage
GdipGetImageRawFormat
GdiplusShutdown
GdipGetImageWidth
GdipGetImageEncoders
GdipAlloc

msvcrt

?terminate@@YAXXZ
_XcptFilter
_cexit
_initterm
_controlfp
wcstol
_adjust_fdiv

ole32

CLSIDFromString
StringFromCLSID

Sections

.text
Size: 253KB - Virtual size: 253KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

77480c97ed2a9bc051d8164d8f8e3d07

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

user32

advapi32

shell32

shlwapi

gdiplus

msvcrt

ole32

Sections

.text Size: 253KB - Virtual size: 253KB

.data Size: 135KB - Virtual size: 135KB

.rsrc Size: 9KB - Virtual size: 384KB

.text
Size: 253KB - Virtual size: 253KB

.data
Size: 135KB - Virtual size: 135KB

.rsrc
Size: 9KB - Virtual size: 384KB