5f2d22c2ecea5d3d589c498d532db924_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5f2d22c2ecea5d3d589c498d532db924_JaffaCakes118
Size

66KB
MD5

5f2d22c2ecea5d3d589c498d532db924
SHA1

0c100cfcdd6db628986b06967cfcc28fa0ac9fa4
SHA256

c8e34ffaff91dec937e0babfc8c988d2422ce31017072e646c52b1e1d2013088
SHA512

473851b7297a696e00228f037bd18d2cc02f21c18f41b650de7dc0b3c9be0292b6bf956a13b92ede31bd00062fb95373e47bcd65c8b92890aa97f7ca0e0a3e0b
SSDEEP

1536:CLgywerZPy8kYUaD5wjLp1yxD4azeVK5grS:7yweFkQDO1yxJys3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f2d22c2ecea5d3d589c498d532db924_JaffaCakes118

Files

5f2d22c2ecea5d3d589c498d532db924_JaffaCakes118
.exe windows:4 windows x86 arch:x86

10f3cec901473d16688a9bb1d200a827

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CryptUnprotectData
CryptProtectData

ole32

CLSIDFromString
CoUninitialize
CoTaskMemAlloc
CoInitializeSecurity
OleLockRunning
StringFromGUID2
StringFromCLSID
CoSetProxyBlanket
CoInitializeEx
CoCreateInstance
CoTaskMemFree
CreateStreamOnHGlobal
CLSIDFromProgID
OleInitialize
CoGetClassObject
OleUninitialize
CoAllowSetForegroundWindow
CoCreateGuid

secur32

GetUserNameExW

gdiplus

GdipCreateBitmapFromFile
GdipCreateHBITMAPFromBitmap
GdiplusShutdown
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipAlloc
GdipFree
GdipCreateBitmapFromFileICM

msvcrt

__set_app_type
_amsg_exit
_initterm
memcpy
fabs
_initterm
memset
__p__fmode
?terminate@@YAXXZ
_controlfp
_exit
_cexit
__wgetmainargs
_wtoi64
_wcmdln
exit
__p__commode
__setusermatherr
iswdigit
_XcptFilter

wtsapi32

WTSFreeMemory
WTSEnumerateSessionsW
WTSUnRegisterSessionNotification
WTSQuerySessionInformationW
WTSRegisterSessionNotification

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

kernel32

RaiseException
HeapSize
GetModuleFileNameW
HeapFree
InterlockedDecrement
SizeofResource
InitializeCriticalSection
WaitForSingleObject
LoadLibraryW
SetEvent
LocalAlloc
GetLastError
CreateMutexW
CreateEventW
LockResource
LCMapStringW
WaitForMultipleObjects
GetACP
InterlockedIncrement
GetCurrentThreadId
QueryPerformanceCounter
Sleep
IsProcessorFeaturePresent
LocalFree
CreateFileW
EnterCriticalSection
GlobalUnlock
GetTickCount
LoadResource
SetLastError
GlobalFree
VirtualLock
FlushInstructionCache
MultiByteToWideChar
GetVersionExA
VirtualUnlock
lstrlenW
GetSystemInfo
LoadLibraryA
GetTempPathW
VirtualAlloc
HeapSetInformation
WideCharToMultiByte
GetProcessId
UnhandledExceptionFilter
ProcessIdToSessionId
ResetEvent
FindResourceExW
FreeLibrary
TerminateProcess
VirtualFree
InterlockedExchange
lstrcmpW
GetVersionExW
LeaveCriticalSection
GetLocaleInfoW
SetUnhandledExceptionFilter
GetCurrentProcess
GlobalLock
ReleaseMutex
GetProcAddress
GlobalHandle
GlobalAlloc
GetStartupInfoW
DeleteCriticalSection
GetComputerNameW
OpenProcess
CloseHandle
FormatMessageW
GetLocaleInfoA
CreateThread
GetThreadLocale
HeapDestroy
LoadLibraryExW
MulDiv
HeapAlloc
FindResourceW
GetSystemTimeAsFileTime
IsDebuggerPresent
HeapReAlloc
GetSystemDirectoryW
lstrlenA
InterlockedCompareExchange
GetModuleHandleW

shlwapi

UrlCombineW
UrlCanonicalizeW
UrlGetPartW
PathCombineW
UrlApplySchemeW
PathAppendW

ddraw

DirectDrawCreate
DirectDrawCreateEx

gdi32

DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
GetDeviceCaps
BitBlt
CreateSolidBrush
DeleteDC
SelectObject
GetStockObject
GetObjectW

shell32

CommandLineToArgvW
SHAppBarMessage
Shell_NotifyIconW
SHGetFolderPathW
ShellExecuteW
FindExecutableW
ShellExecuteExW

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10f3cec901473d16688a9bb1d200a827

Headers

File Characteristics

Imports

crypt32

ole32

secur32

gdiplus

msvcrt

wtsapi32

version

kernel32

shlwapi

ddraw

gdi32

shell32

Sections

.text Size: 35KB - Virtual size: 34KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 22KB - Virtual size: 22KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 35KB - Virtual size: 34KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 22KB - Virtual size: 22KB

.rsrc
Size: 2KB - Virtual size: 2KB