2e52bc8f03af0f8a85875e6be7242f89_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2e52bc8f03af0f8a85875e6be7242f89_JaffaCakes118
Size

156KB
MD5

2e52bc8f03af0f8a85875e6be7242f89
SHA1

aea946cec99f2b5c20e113223a3bb5ab0e9292fc
SHA256

84ecb7df3ba7fda95e236e5ea81f12f3b367ad2dc3c86efe6e568fe0480ff0c1
SHA512

c3f52d0cd2b8be85c6aff4f8c815dc3fec6019b566fdd8f29b7e33abe8a09af5542ed62843a07cdb7bfa7870fd358cb0dc6f6771bf6ed23b95cbf1de4b29d4ba
SSDEEP

3072:DETs9c6vscdJ0zhLJL5NUhNg8kGWREuelbpQe7:QTsPrwlp5NU0OoEPF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e52bc8f03af0f8a85875e6be7242f89_JaffaCakes118

Files

2e52bc8f03af0f8a85875e6be7242f89_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4b03df1c88c6fc521121432b0e3508a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHSetValueA
SHQueryValueExA
PathIsContentTypeA
SHStrDupA
SHGetValueA
PathGetCharTypeA
SHDeleteKeyA
PathIsDirectoryA
SHQueryInfoKeyA
SHStrDupA
PathIsContentTypeA
SHQueryValueExA
SHGetValueA
SHEnumValueA
PathGetCharTypeA
SHQueryInfoKeyA
PathFileExistsA
SHDeleteKeyA
SHQueryValueExA
PathIsDirectoryA
SHSetValueA
SHDeleteValueA
SHDeleteValueA
PathIsContentTypeA
SHSetValueA
SHEnumValueA
PathIsDirectoryA
SHStrDupA
PathFileExistsA
SHQueryInfoKeyA
PathGetCharTypeA
PathFileExistsA
SHQueryValueExA
SHEnumValueA
SHStrDupA
PathIsContentTypeA
PathIsDirectoryA

advapi32

GetLengthSid
RegCreateKeyA
GetUserNameA
RegDeleteValueA
RegEnumValueA

msvcrt

strlen
srand
atan
memcmp
acos
exit
srand
strlen
memmove
memset

kernel32

GetLastError
VirtualAlloc
CompareStringA
lstrlenA
CloseHandle
IsBadHugeReadPtr
ExitThread
LoadLibraryA
lstrlenW
GetModuleHandleW
CreateFileA
GetModuleHandleA
GetOEMCP
GetCommandLineW
Sleep
GetProcAddress
EnterCriticalSection
DeleteFileA
CreateEventA
CreateThread
IsBadReadPtr
DeleteCriticalSection
ExitProcess
GetCommandLineA
GetCommandLineW
VirtualFree
IsBadReadPtr

user32

GetWindowPlacement
GetForegroundWindow
IsWindowVisible
GetWindowTextA
InsertMenuItemA
MapVirtualKeyA
GetWindowThreadProcessId
GetWindowRect
IntersectRect
InflateRect
LoadBitmapA
InvalidateRect
LoadKeyboardLayoutA
IsDialogMessageW
IsRectEmpty
IsWindow
GetWindowPlacement
MessageBoxA
OemToCharA
InsertMenuA
MapWindowPoints
LoadIconA
LoadStringA
LoadCursorA
KillTimer
IsDialogMessageA
IsChild
IsWindowEnabled
IsZoomed
IsIconic
IsWindowUnicode
MessageBeep

ole32

CoReleaseMarshalData
CLSIDFromString
GetHGlobalFromStream
CoCreateFreeThreadedMarshaler
CoFreeUnusedLibraries
CoUnmarshalInterface
PropVariantClear

comctl32

ImageList_Destroy
ImageList_Write
ImageList_Create
ImageList_GetBkColor
ImageList_Add
ImageList_Draw
ImageList_Add
ImageList_DragShowNolock
ImageList_Read
ImageList_Create
ImageList_GetBkColor
ImageList_Destroy
ImageList_Draw
ImageList_DrawEx
ImageList_Write
ImageList_Draw
ImageList_Read
ImageList_Destroy
ImageList_Remove
ImageList_DragShowNolock
ImageList_Write
ImageList_Add
ImageList_Draw
ImageList_Create

shell32

SHFileOperationA
SHGetDiskFreeSpaceA
SHGetFileInfoA
DragQueryFileA
SHFileOperationA
SHGetFolderPathA
Shell_NotifyIconA
SHGetFileInfoA
SHGetFileInfoA
SHFileOperationA
DragQueryFileA
SHGetFolderPathA
SHGetSpecialFolderLocation

gdi32

SelectObject
GetBitmapBits
GetObjectA
SetBkMode
GetDIBColorTable
CreatePalette
SetTextColor
GetRgnBox
SetBkColor
GetCurrentPositionEx
CreateCompatibleDC
SaveDC
CreateDIBitmap
SetBkMode

comdlg32

GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA
FindTextA
ChooseColorA
FindTextA
GetOpenFileNameA
GetSaveFileNameA
FindTextA
GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA
ChooseColorA

oleaut32

SysAllocStringLen
SafeArrayGetElement
VariantCopyInd

version

VerQueryValueA
GetFileVersionInfoA
VerInstallFileA

Sections

CODE
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b03df1c88c6fc521121432b0e3508a1

Headers

File Characteristics

Imports

shlwapi

advapi32

msvcrt

kernel32

user32

ole32

comctl32

shell32

gdi32

comdlg32

oleaut32

version

Sections

CODE Size: 108KB - Virtual size: 105KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1KB

DATA Size: 8KB - Virtual size: 7KB

.cdata Size: 8KB - Virtual size: 7KB

.fdata Size: 8KB - Virtual size: 5KB

.rsrc Size: 12KB - Virtual size: 8KB

CODE
Size: 108KB - Virtual size: 105KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1KB

DATA
Size: 8KB - Virtual size: 7KB

.cdata
Size: 8KB - Virtual size: 7KB

.fdata
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 12KB - Virtual size: 8KB