d73d846294d9cee4336c83d6a3a0465c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d73d846294d9cee4336c83d6a3a0465c_JaffaCakes118
Size

47KB
MD5

d73d846294d9cee4336c83d6a3a0465c
SHA1

976bc7babeb04bbca730795f33d32c42392a9713
SHA256

9a102b488cf80712a88f1ba96b6721b479a82a9fd03b2b4ee2d28984d4782457
SHA512

ae3acb9231a0d2b359f88a230f312550121550f451730c0ab2bb5122a7ab6c2660c693c6a9a2558d323a38a4662b892f7a8a6e8ebc10587b0d9ce7d3287d4383
SSDEEP

768:FwnyhcobnHcqlMuFetgT4owajDyRtcZEO0y8Hh2wjuk6JjsChLsy6IABu2ghUJcn:FwyhFnHcoZfTJwGN80u4/WJcY0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ascenter.exe

Files

d73d846294d9cee4336c83d6a3a0465c_JaffaCakes118
.cab
ascenter.exe
.exe windows:4 windows x86 arch:x86

348c41959c479fefbe3818281a743f3b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHSetValueA
SHDeleteValueA
SHGetValueA

kernel32

GetVersionExA
InterlockedDecrement
lstrlenA
FreeResource
GlobalUnlock
GlobalAlloc
SizeofResource
LockResource
LoadResource
FindResourceA
MulDiv
GetModuleHandleA
GetCommandLineA
CreateMutexA
GetLastError
CloseHandle
MultiByteToWideChar
GetProcAddress
FreeLibrary
LoadLibraryA
GetModuleFileNameA
GetShortPathNameA
GetStartupInfoA
GlobalLock

user32

GetDlgCtrlID
GetWindowRect
CallWindowProcA
GetPropA
BeginPaint
SendMessageA
FindWindowExA
ShowWindow
SetForegroundWindow
EndDialog
EndPaint
RemovePropA
GetCursorPos
PtInRect
GetClientRect
DrawTextA
GetWindowTextA
FillRect
LoadCursorA
SetCursor
TrackMouseEvent
InvalidateRect
GetParent
PostMessageA
DefWindowProcA
IsWindow
CopyRect
ClientToScreen
ScreenToClient
GetDC
ReleaseDC
SetPropA
SetWindowLongA
UpdateWindow
GetDesktopWindow
LoadStringA
SetWindowPos
DialogBoxParamA
GetDlgItem
OffsetRect

gdi32

BitBlt
DeleteDC
CreateFontA
SetTextColor
GetDeviceCaps
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetStockObject
SetBkMode
DeleteObject
CreateSolidBrush
CreateFontIndirectA
GetObjectA

shell32

ShellExecuteA

ole32

CoInitialize
CoCreateInstance
CoUninitialize
CreateStreamOnHGlobal

oleaut32

SysAllocString
OleLoadPicture
SysFreeString

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

msvcrt

_XcptFilter
_exit
_onexit
__dllonexit
malloc
free
??2@YAPAXI@Z
??3@YAXPAX@Z
__CxxFrameHandler
strstr
_snprintf
strrchr
_controlfp
_acmdln
_except_handler3
__set_app_type
__p__fmode
__p__commode
exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

348c41959c479fefbe3818281a743f3b

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

shell32

ole32

oleaut32

version

msvcrt

Sections

.text Size: 12KB - Virtual size: 10KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 56KB - Virtual size: 52KB

.text
Size: 12KB - Virtual size: 10KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 56KB - Virtual size: 52KB