2b81d00b153e42dd27d297410b08af80_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2b81d00b153e42dd27d297410b08af80_JaffaCakes118
Size

95KB
MD5

2b81d00b153e42dd27d297410b08af80
SHA1

a6f6b2fdea5f69a92859b28214a11a6060d8333d
SHA256

dfdde7cdf1c962bea7e2440410f400e0d7420b2564c102c1ef82a2930af9cc9e
SHA512

59d706bcbc754483ac1970382e50db1cc45899e77e77c9718df6a1b85843a1f8a0b53b35d88596da27fc01508cddba58ed7f1b98ac759aa31095976ee2d2f79c
SSDEEP

1536:dhapRrXi3kW9YnZznauOXdnU1afkM09zGdTU7sEc:dha/wk6YnZznTOX21at0FIUi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b81d00b153e42dd27d297410b08af80_JaffaCakes118

Files

2b81d00b153e42dd27d297410b08af80_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0f28d99dc463e3550ac872e4935112ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CryptUnprotectData
CryptProtectData

wtsapi32

WTSUnRegisterSessionNotification
WTSFreeMemory
WTSEnumerateSessionsW
WTSQuerySessionInformationW
WTSRegisterSessionNotification

ole32

CLSIDFromProgID
OleInitialize
CoTaskMemAlloc
OleLockRunning
OleUninitialize
CoInitializeSecurity
CoInitializeEx
CoAllowSetForegroundWindow
StringFromGUID2
CoGetClassObject
StringFromCLSID
CLSIDFromString
CoTaskMemFree
CreateStreamOnHGlobal
CoUninitialize
CoSetProxyBlanket
CoCreateInstance
CoCreateGuid

ddraw

DirectDrawCreate
DirectDrawEnumerateA
DirectDrawCreateEx

shell32

ShellExecuteW
SHGetFolderPathW
CommandLineToArgvW
FindExecutableW
Shell_NotifyIconW
SHAppBarMessage
ShellExecuteExW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

shlwapi

UrlCombineW
UrlApplySchemeW
UrlCanonicalizeW
UrlGetPartW
PathCombineW
PathAppendW

gdi32

CreateCompatibleBitmap
GetStockObject
DeleteObject
SelectObject
DeleteDC
BitBlt
GetDeviceCaps
CreateCompatibleDC
CreateSolidBrush
GetObjectW

secur32

GetUserNameExW

netapi32

NetUserEnum
NetUserGetLocalGroups
NetApiBufferFree
NetWkstaUserGetInfo
NetLocalGroupAddMembers
NetUserDel
NetUserAdd
NetGetJoinInformation

gdiplus

GdipCreateBitmapFromFile
GdipCreateHBITMAPFromBitmap
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdiplusStartup
GdipFree
GdiplusShutdown
GdipCreateBitmapFromFileICM

kernel32

GetProcessHeap
GetSystemTimeAsFileTime
ReleaseMutex
GetACP
EnterCriticalSection
VirtualUnlock
FlushInstructionCache
HeapAlloc
GetLocaleInfoA
GetSystemInfo
LCMapStringW
FreeLibrary
GetSystemDirectoryW
UnhandledExceptionFilter
GlobalAlloc
GetTickCount
CreateEventW
GlobalFree
LoadResource
IsProcessorFeaturePresent
GetProcessVersion
lstrcmpW
GlobalLock
CreateMutexW
lstrlenW
GetStartupInfoW
VirtualFree
VirtualAlloc
LockResource
GlobalUnlock
LoadLibraryA
GetModuleFileNameW
GetProcAddress
WideCharToMultiByte
OpenProcess
DeleteCriticalSection
LocalFree
HeapDestroy
ExitProcess
GetLastError
ProcessIdToSessionId
GetCurrentProcess
VirtualLock
CreateThread
MultiByteToWideChar
ResetEvent
CloseHandle
LoadLibraryW
GetVersionExW
HeapFree
LocalAlloc
WaitForMultipleObjects
GetProcessId
HeapSize
IsDebuggerPresent
HeapReAlloc
InitializeCriticalSection
QueryPerformanceCounter
FindResourceW
LoadLibraryExW
InterlockedExchange
GetCurrentThreadId
TerminateProcess
GlobalHandle
SetUnhandledExceptionFilter
InterlockedCompareExchange
MulDiv
CreateFileW
SetLastError
Sleep
GetLocaleInfoW
FormatMessageW
GetComputerNameW
GetVersionExA
SetEvent
HeapSetInformation
SizeofResource
GetThreadLocale
lstrlenA
InterlockedDecrement
FindResourceExW
GetTempPathW
RaiseException
LeaveCriticalSection
InterlockedIncrement
WaitForSingleObject
GetModuleHandleW

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f28d99dc463e3550ac872e4935112ff

Headers

File Characteristics

Imports

crypt32

wtsapi32

ole32

ddraw

shell32

version

shlwapi

gdi32

secur32

netapi32

gdiplus

kernel32

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 36KB - Virtual size: 36KB

.rsrc Size: 1024B - Virtual size: 52KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 36KB - Virtual size: 36KB

.rsrc
Size: 1024B - Virtual size: 52KB