fa0b23d5c1f42d0d9762c1d7980df14c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fa0b23d5c1f42d0d9762c1d7980df14c_JaffaCakes118
Size

443KB
MD5

fa0b23d5c1f42d0d9762c1d7980df14c
SHA1

9a387a70b7def3b2a7b616b56d922454847d850b
SHA256

f544157af4b7e7c46e0c36b78ef98219312ed2bc9b3d7906a28f2615936f7f04
SHA512

c37b01a8eb461ae18ee4f89b1dc2054c9cd983d651d9bdf04de8320d906e7bc4dee40c55521799861617198e4d93bc0df2f00f2438010af873ece9e1f816fc2e
SSDEEP

12288:qeGQLwrICdj5mybGWADZyssO2nqEZUIA1:qQLm5mHtsO2qgA1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa0b23d5c1f42d0d9762c1d7980df14c_JaffaCakes118

Files

fa0b23d5c1f42d0d9762c1d7980df14c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2b83dd4275a67aa3821a110702fc26a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

gdiplus

GdipDrawImageI
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromScan0
GdipCreateBitmapFromHBITMAP
GdipGetImageGraphicsContext
GdipGetImageHeight
GdipFree
GdiplusShutdown
GdipImageRotateFlip

ole32

FreePropVariantArray
PropVariantClear
CLSIDFromString
CoTaskMemRealloc

advapi32

CloseServiceHandle
RegQueryValueExW
RegEnumValueW

shlwapi

ord437
PathFindExtensionW
ord186
PathFindFileNameW
StrToIntExW
ord174

gdi32

SetROP2
Ellipse
CreateDIBSection
SelectObject
GetTextExtentPoint32W
GetObjectW
Rectangle
CreatePenIndirect
DeleteObject

shell32

SHChangeNotify
ord152
SHGetMalloc

msvcrt

_exit
_adjust_fdiv
_c_exit
realloc
wcstol
__RTDynamicCast
__setusermatherr
wcscpy
_XcptFilter
__p__commode
__set_app_type

kernel32

CreateEventA
GlobalUnlock
GetCurrentThreadId
GetModuleHandleW
WaitForSingleObject
UnmapViewOfFile
VirtualAllocEx
GlobalAlloc
LocalAlloc
lstrcmpiW
SystemTimeToFileTime
CreateProcessW
GetFileAttributesW
lstrlenW
LoadResource
CloseHandle
UnhandledExceptionFilter
SizeofResource
Sleep
GetTickCount
GetLastError
EnterCriticalSection
InitializeCriticalSection
GetHandleInformation
GetStartupInfoW
GetModuleHandleA
CreateMutexW

user32

GetClassNameW
FindWindowExW
SetTimer
IsWindow
GetClientRect
InvalidateRect
DefWindowProcW
ReleaseDC
GetKeyState
KillTimer
GetPropW
SetDlgItemTextW
RegisterClassW
IsWindowVisible
BeginPaint
EndDeferWindowPos
MonitorFromWindow
CopyIcon
LoadAcceleratorsW
CreateWindowExW
PtInRect
GetParent
GetClassInfoW
MsgWaitForMultipleObjects
GetMonitorInfoW
IsDlgButtonChecked
InflateRect
SendMessageW
DispatchMessageW
UpdateWindow
GetSysColorBrush
EnableWindow
DestroyIcon
GetWindowTextLengthW
SetForegroundWindow
GetDC

Sections

.text
Size: 404KB - Virtual size: 404KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b83dd4275a67aa3821a110702fc26a6

Headers

DLL Characteristics

File Characteristics

Imports

gdiplus

ole32

advapi32

shlwapi

gdi32

shell32

msvcrt

kernel32

user32

Sections

.text Size: 404KB - Virtual size: 404KB

.data Size: 32KB - Virtual size: 31KB

.rsrc Size: 6KB - Virtual size: 288KB

.text
Size: 404KB - Virtual size: 404KB

.data
Size: 32KB - Virtual size: 31KB

.rsrc
Size: 6KB - Virtual size: 288KB