Static task: static1
Behavioral task: behavioral1
Sample: ae7286340d9ca2314b66520a17c8601a_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: ae7286340d9ca2314b66520a17c8601a_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: ae7286340d9ca2314b66520a17c8601a_JaffaCakes118
Size: 70KB
MD5: ae7286340d9ca2314b66520a17c8601a
SHA1: d3350a285c672a846ede35bbda412da372f9ec78
SHA256: ecaeef253eb326495f225772190b47d36fc014a422a6e1018d437b67a857a485
SHA512: d8cc63065d74c70b09bc57effc54b9033c14615274032223130b4f244399c7c195b62073f45a42fe908d8dc4c7215c0f45048915aaead6ef10728802dca84e77
SSDEEP: 1536:pv6dT7u1hi1tPyBclM9wHodufJy0OWdOVnBB8OWuXJu6B:pv6EqEulMCIdufJyhVnBB8uZT
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ae7286340d9ca2314b66520a17c8601a_JaffaCakes118
Files
ae7286340d9ca2314b66520a17c8601a_JaffaCakes118.exe windows:4 windows x86 arch:x86
8e286e191446ec9e5147b353728bcecf
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
secur32
GetUserNameExW
msvcrt
memset
_initterm
_amsg_exit
iswdigit
_exit
?terminate@@YAXXZ
log
_controlfp
__p__fmode
__setusermatherr
_wcmdln
_wtoi64
_initterm
_cexit
__wgetmainargs
memcpy
exit
__set_app_type
__p__commode
_XcptFilter
ole32
CoGetClassObject
OleLockRunning
OleUninitialize
CoInitializeEx
StringFromCLSID
CLSIDFromString
StringFromGUID2
CoSetProxyBlanket
CreateStreamOnHGlobal
CoCreateInstance
OleInitialize
CoInitializeSecurity
CoAllowSetForegroundWindow
CLSIDFromProgID
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoCreateGuid
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
shell32
ShellExecuteW
Shell_NotifyIconW
SHGetFolderPathW
CommandLineToArgvW
FindExecutableW
SHAppBarMessage
ShellExecuteExW
ddraw
DirectDrawCreate
DirectDrawCreateEx
crypt32
CryptUnprotectData
CryptProtectData
gdi32
DeleteObject
GetStockObject
CreateSolidBrush
SelectObject
CreateCompatibleDC
BitBlt
GetDeviceCaps
CreateCompatibleBitmap
DeleteDC
GetObjectW
kernel32
InterlockedDecrement
CreateEventW
SetUnhandledExceptionFilter
HeapSetInformation
DeleteCriticalSection
TerminateProcess
HeapAlloc
LeaveCriticalSection
InitializeCriticalSection
FlushInstructionCache
ReleaseMutex
WaitForMultipleObjects
GetSystemTimeAsFileTime
CreateFileW
MulDiv
FindResourceExW
VirtualAlloc
GlobalAlloc
GlobalUnlock
GetComputerNameW
lstrcmpW
GetCurrentThreadId
HeapFree
FormatMessageW
LoadLibraryW
HeapSize
GetLastError
VirtualLock
InterlockedExchange
GlobalFree
VirtualUnlock
lstrlenW
SetEvent
InterlockedCompareExchange
RaiseException
GetThreadLocale
OpenProcess
UnhandledExceptionFilter
LoadLibraryExW
HeapDestroy
Sleep
ProcessIdToSessionId
GetACP
LockResource
LoadResource
CreateThread
lstrlenA
GetLocaleInfoW
GetModuleHandleA
LCMapStringW
SetLastError
LocalAlloc
GetProcessId
CreateMutexW
GetLocaleInfoA
IsDebuggerPresent
GlobalHandle
GetTickCount
WaitForSingleObject
GetTempPathW
MultiByteToWideChar
EnterCriticalSection
GetSystemInfo
GetSystemDirectoryW
LocalFree
GetModuleFileNameW
VirtualFree
CloseHandle
LoadLibraryA
InterlockedIncrement
GlobalLock
WideCharToMultiByte
FindResourceW
QueryPerformanceCounter
GetVersionExW
IsProcessorFeaturePresent
ResetEvent
FreeLibrary
HeapReAlloc
GetStartupInfoW
GetCurrentProcess
GetVersionExA
GetProcAddress
SizeofResource
GetModuleHandleW
gdiplus
GdipCloneImage
GdipAlloc
GdiplusStartup
GdipCreateBitmapFromFile
GdipDisposeImage
GdiplusShutdown
GdipFree
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromFileICM
Sections
.text Size: 39KB - Virtual size: 38KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 23KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ