7784043b0819b1ed1f1c21b1f5edaf60_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7784043b0819b1ed1f1c21b1f5edaf60_JaffaCakes118
Size

66KB
MD5

7784043b0819b1ed1f1c21b1f5edaf60
SHA1

77fbf6f421f7af46412b5e1b3184cacd69b6ad01
SHA256

3f841b2a7508bf53f304255a9b8c5e63b9ecc2e77efa4a35dd20bae4b67e1db3
SHA512

62baa2ead97b571ce3642b5859a8830195fc9296862183fbffc6aa848d3d74f7abf97c064e17246757a903acaccc52810781e58a92503b5aa12e44ae24688a8f
SSDEEP

1536:CLgywerZPy8kYUaD5wjLp1yxD4azeVK5grfc:7yweFkQDO1yxJysR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7784043b0819b1ed1f1c21b1f5edaf60_JaffaCakes118

Files

7784043b0819b1ed1f1c21b1f5edaf60_JaffaCakes118
.exe windows:4 windows x86 arch:x86

10f3cec901473d16688a9bb1d200a827

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CryptUnprotectData
CryptProtectData

ole32

CLSIDFromString
CoUninitialize
CoTaskMemAlloc
CoInitializeSecurity
OleLockRunning
StringFromGUID2
StringFromCLSID
CoSetProxyBlanket
CoInitializeEx
CoCreateInstance
CoTaskMemFree
CreateStreamOnHGlobal
CLSIDFromProgID
OleInitialize
CoGetClassObject
OleUninitialize
CoAllowSetForegroundWindow
CoCreateGuid

secur32

GetUserNameExW

gdiplus

GdipCreateBitmapFromFile
GdipCreateHBITMAPFromBitmap
GdiplusShutdown
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipAlloc
GdipFree
GdipCreateBitmapFromFileICM

msvcrt

__set_app_type
_amsg_exit
_initterm
memcpy
fabs
_initterm
memset
__p__fmode
?terminate@@YAXXZ
_controlfp
_exit
_cexit
__wgetmainargs
_wtoi64
_wcmdln
exit
__p__commode
__setusermatherr
iswdigit
_XcptFilter

wtsapi32

WTSFreeMemory
WTSEnumerateSessionsW
WTSUnRegisterSessionNotification
WTSQuerySessionInformationW
WTSRegisterSessionNotification

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

kernel32

RaiseException
HeapSize
GetModuleFileNameW
HeapFree
InterlockedDecrement
SizeofResource
InitializeCriticalSection
WaitForSingleObject
LoadLibraryW
SetEvent
LocalAlloc
GetLastError
CreateMutexW
CreateEventW
LockResource
LCMapStringW
WaitForMultipleObjects
GetACP
InterlockedIncrement
GetCurrentThreadId
QueryPerformanceCounter
Sleep
IsProcessorFeaturePresent
LocalFree
CreateFileW
EnterCriticalSection
GlobalUnlock
GetTickCount
LoadResource
SetLastError
GlobalFree
VirtualLock
FlushInstructionCache
MultiByteToWideChar
GetVersionExA
VirtualUnlock
lstrlenW
GetSystemInfo
LoadLibraryA
GetTempPathW
VirtualAlloc
HeapSetInformation
WideCharToMultiByte
GetProcessId
UnhandledExceptionFilter
ProcessIdToSessionId
ResetEvent
FindResourceExW
FreeLibrary
TerminateProcess
VirtualFree
InterlockedExchange
lstrcmpW
GetVersionExW
LeaveCriticalSection
GetLocaleInfoW
SetUnhandledExceptionFilter
GetCurrentProcess
GlobalLock
ReleaseMutex
GetProcAddress
GlobalHandle
GlobalAlloc
GetStartupInfoW
DeleteCriticalSection
GetComputerNameW
OpenProcess
CloseHandle
FormatMessageW
GetLocaleInfoA
CreateThread
GetThreadLocale
HeapDestroy
LoadLibraryExW
MulDiv
HeapAlloc
FindResourceW
GetSystemTimeAsFileTime
IsDebuggerPresent
HeapReAlloc
GetSystemDirectoryW
lstrlenA
InterlockedCompareExchange
GetModuleHandleW

shlwapi

UrlCombineW
UrlCanonicalizeW
UrlGetPartW
PathCombineW
UrlApplySchemeW
PathAppendW

ddraw

DirectDrawCreate
DirectDrawCreateEx

gdi32

DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
GetDeviceCaps
BitBlt
CreateSolidBrush
DeleteDC
SelectObject
GetStockObject
GetObjectW

shell32

CommandLineToArgvW
SHAppBarMessage
Shell_NotifyIconW
SHGetFolderPathW
ShellExecuteW
FindExecutableW
ShellExecuteExW

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10f3cec901473d16688a9bb1d200a827

Headers

File Characteristics

Imports

crypt32

ole32

secur32

gdiplus

msvcrt

wtsapi32

version

kernel32

shlwapi

ddraw

gdi32

shell32

Sections

.text Size: 35KB - Virtual size: 34KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 22KB - Virtual size: 22KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 35KB - Virtual size: 34KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 22KB - Virtual size: 22KB

.rsrc
Size: 2KB - Virtual size: 2KB