2ab5e401cc027dd13107a7c825825179_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ab5e401cc027dd13107a7c825825179_JaffaCakes118
Size

179KB
MD5

2ab5e401cc027dd13107a7c825825179
SHA1

debb9071bf969248bacd0deb46f7bd0548602133
SHA256

e57cf8324bd5362c1dda71752440e1328726727b65ebf334bf834bffd1676531
SHA512

1256d825a18900e0eb9cc20516dfc9e5681c53bdb9fb4fedce628c53c5f2ee402c732835a61b44e127325f4f97559ff14e6b291ee8050e771dc802e44822f1df
SSDEEP

3072:VCW3CDTYBeB62vO61WhF2/QHHPhcpwytW/KxmV9/pdiSzicLX:8W3CDTYXa51kv0wySHNT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ab5e401cc027dd13107a7c825825179_JaffaCakes118

Files

2ab5e401cc027dd13107a7c825825179_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5ebd933de91019bb887778a443a5c070

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
CreateEventW
CreateFileA
CreateFileMappingA
CreateThread
DeleteCriticalSection
DeviceIoControl
DisableThreadLibraryCalls
EnumCalendarInfoA
FileTimeToDosDateTime
FindFirstFileW
FindNextFileW
FindResourceW
FreeEnvironmentStringsW
GetCPInfo
GetCurrentThreadId
GetDateFormatA
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentVariableA
GetFileSize
GetFileTime
GetFileType
GetLocaleInfoA
GetModuleFileNameA
GetStartupInfoA
GetStringTypeExA
GetStringTypeW
GetSystemDefaultLCID
GetSystemTimeAsFileTime
GetTempPathA
GetTickCount
GetTimeZoneInformation
GetVersion
GetVersionExA
GetVersionExW
GetWindowsDirectoryA
GlobalAddAtomA
GlobalFree
GlobalLock
GlobalReAlloc
HeapAlloc
HeapCreate
HeapFree
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadReadPtr
IsDebuggerPresent
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalFileTimeToFileTime
LocalFree
ReleaseMutex
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetFilePointer
SetFileTime
SetThreadPriority
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WaitForMultipleObjects
WideCharToMultiByte
WriteConsoleA
WriteFile
WritePrivateProfileStringA
lstrcmpiW
lstrlenA
lstrlenW

user32

CharLowerA
ClientToScreen
CreateMenu
CreatePopupMenu
DestroyWindow
DrawMenuBar
EnableWindow
EndDialog
EndPaint
FillRect
FindWindowA
GetCapture
GetClassInfoA
GetDlgItem
GetFocus
GetForegroundWindow
GetKeyboardType
GetMenu
GetMenuStringA
GetMessageA
GetMessagePos
GetParent
GetPropA
GetScrollRange
GetTopWindow
GetWindow
GetWindowLongA
InsertMenuItemA
IsRectEmpty
IsWindow
KillTimer
LoadCursorA
LoadStringA
OffsetRect
PeekMessageA
RedrawWindow
RegisterClipboardFormatA
ReleaseDC
SendDlgItemMessageA
SetCapture
SetRect
SetScrollRange
SetTimer
SetWindowPos
TranslateMessage
UnhookWindowsHookEx
UpdateWindow
WaitMessage
WinHelpA

gdi32

ArcTo
CopyEnhMetaFileA
CreateFontA
CreateICW
CreateRoundRectRgn
Ellipse
EndDoc
ExtCreatePen
ExtFloodFill
ExtTextOutA
GetCharWidthW
GetDeviceCaps
GetMapMode
GetObjectA
GetObjectType
GetTextAlign
GetTextExtentPointW
GetWindowOrgEx
IntersectClipRect
LineDDA
PlayMetaFileRecord
PolyBezierTo
SelectClipPath
SelectObject
SetArcDirection
SetBkColor
SetMapperFlags
SetROP2
SetViewportExtEx
SetViewportOrgEx
SetWinMetaFileBits

shell32

CommandLineToArgvW
DoEnvironmentSubstW
DragAcceptFiles
DragQueryFileW
DragQueryPoint
ExtractIconA
ExtractIconW
FindExecutableW
SHAddToRecentDocs
SHAppBarMessage
SHBindToParent
SHBrowseForFolder
SHBrowseForFolderA
SHFileOperationA
SHFileOperationW
SHGetDesktopFolder
SHGetDiskFreeSpaceExW
SHGetFileInfo
SHGetFileInfoA
SHGetFileInfoW
SHGetFolderPathA
SHGetFolderPathW
SHGetPathFromIDList
SHGetSpecialFolderPathW
ShellExecuteA
ShellExecuteEx
ShellExecuteExW
Shell_NotifyIconA

comctl32

CreatePropertySheetPageA
CreatePropertySheetPageW
CreateStatusWindowA
CreateToolbarEx
ImageList_Add
ImageList_BeginDrag
ImageList_Destroy
ImageList_DragEnter
ImageList_DragShowNolock
ImageList_Draw
ImageList_DrawEx
ImageList_EndDrag
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_Read
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_SetDragCursorImage
ImageList_SetIconSize
ImageList_SetImageCount
ImageList_SetOverlayImage
InitCommonControlsEx
InitializeFlatSB
PropertySheetA
PropertySheetW

advapi32

CryptHashData
GetTokenInformation
InitiateSystemShutdownA
OpenProcessToken
OpenSCManagerW
OpenServiceA
RegCreateKeyA
RegOpenKeyA
RegOpenKeyW
RegQueryInfoKeyA
SetSecurityDescriptorDacl

ole32

CoCreateGuid
CoCreateInstance
CoGetClassObject
CoGetInterfaceAndReleaseStream
CoInitializeEx
CoMarshalInterThreadInterfaceInStream
CoRegisterMessageFilter
CoTaskMemFree
DoDragDrop
IIDFromString
IsAccelerator
OleDraw
OleGetClipboard
OleIsCurrentClipboard
OleRun
OleUninitialize
RegisterDragDrop
ReleaseStgMedium
StringFromGUID2

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ebd933de91019bb887778a443a5c070

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comctl32

advapi32

ole32

Sections

.text Size: 67KB - Virtual size: 67KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 77KB - Virtual size: 77KB

.rsrc Size: 26KB - Virtual size: 28KB

.text
Size: 67KB - Virtual size: 67KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 77KB - Virtual size: 77KB

.rsrc
Size: 26KB - Virtual size: 28KB