2cfa4af489c737e56dfaa854eb5bd889_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2cfa4af489c737e56dfaa854eb5bd889_JaffaCakes118
Size

93KB
MD5

2cfa4af489c737e56dfaa854eb5bd889
SHA1

0ae66dd4b9c43af543dd5d72f861ef0a787e86ef
SHA256

db7a95409c155c12c8c20c79af2d6ddd27e8ca84905b33626d96d25176b22057
SHA512

aaf6327b12c5615a8d8ffdbcd81fc1680996f9fc2a5f8b753356592873aac3a837219c7ceb488793ac902b8108bcc8affd92b863fefb7557424a9b48295359cf
SSDEEP

1536:A70xMxLnRJUAG6AmRt8m++RTHGYGOuG9xPCh+6GmciZ0diXvh9hIX:A70SpIbK8m++RTHGDOuG9xPv6GmcizfK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cfa4af489c737e56dfaa854eb5bd889_JaffaCakes118

Files

2cfa4af489c737e56dfaa854eb5bd889_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9bbbc5849281f34b5b0c34add0a07f78

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyA
RegQueryValueA
GetUserNameA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegDeleteValueA
RegQueryInfoKeyA

comdlg32

GetSaveFileNameA
ChooseColorA
FindTextA
GetOpenFileNameA
FindTextA
ChooseColorA
GetSaveFileNameA

ole32

CoGetContextToken
CLSIDFromString
CoDisconnectObject
StgCreateDocfileOnILockBytes
CoFreeUnusedLibraries
CreateBindCtx
CoRegisterClassObject
OleCreateStaticFromData
CoGetObjectContext
CoCreateInstanceEx
OleCreateStaticFromData
CLSIDFromString
OleRun
StgCreateDocfileOnILockBytes

kernel32

lstrcatA
ExitThread
RaiseException
VirtualAllocEx
GetDiskFreeSpaceA
GetLastError
GetModuleHandleA
GetOEMCP
GetLocalTime
GetCPInfo
GetStringTypeW
VirtualAlloc
GetDateFormatA
HeapAlloc
GetStdHandle
LoadLibraryExA
WideCharToMultiByte
lstrcpynA
CloseHandle
GetProcAddress
ExitProcess
SetEndOfFile
LocalAlloc
GetUserDefaultLCID
SizeofResource

shlwapi

SHDeleteKeyA
SHDeleteValueA
PathIsDirectoryA
SHGetValueA
PathGetCharTypeA
SHQueryInfoKeyA
PathIsContentTypeA
SHQueryValueExA
PathFileExistsA
PathIsContentTypeA
SHQueryInfoKeyA
PathIsDirectoryA
SHDeleteKeyA
SHGetValueA
SHDeleteValueA
SHSetValueA
PathGetCharTypeA

gdi32

SelectPalette
CreatePenIndirect
GetClipBox
GetRgnBox
CreateCompatibleBitmap
SetTextColor
GetDIBits

oleaut32

SafeArrayPtrOfIndex
OleLoadPicture
VariantCopyInd
SafeArrayCreate
SafeArrayUnaccessData

msvcrt

memcmp
log10
atol
memcpy
mbstowcs
wcschr
memset
srand
exit
sin
abs
clock
log
ceil
wcsncmp
strlen
time
_acmdln
tolower
wcstol
memmove
fabs
calloc
strcmp
swprintf
pow
rand
sqrt
malloc
sprintf
strncmp
exp
wcscspn

version

GetFileVersionInfoSizeA
VerQueryValueA

user32

DefFrameProcA
CallWindowProcA
GetSysColor
GetWindow
GetMenu
GetSubMenu
ShowScrollBar
EqualRect
GetCursor
GetKeyState
CharLowerA
EndDeferWindowPos
SetWindowLongA
GetActiveWindow
GetPropA
DrawEdge
CharToOemA
DefWindowProcA
EnableScrollBar
GetClipboardData
CreatePopupMenu
GetSysColorBrush
GetDesktopWindow
CharLowerBuffA
GetIconInfo
GetScrollRange
GetFocus
IsChild
CreateMenu
EnumChildWindows
EnumWindows
BeginDeferWindowPos
FillRect
BeginPaint
GetKeyNameTextA
DrawTextA
DrawIconEx
DrawIcon
GetCursorPos
SystemParametersInfoA
GetMenuState
SetWindowPos
CallNextHookEx
MessageBoxA
CreateWindowExA
SetCursor
GetClassInfoA
GetWindowTextA
GetScrollInfo
TrackPopupMenu
IsWindowVisible
SetTimer
EndPaint
GetClassLongA
IsWindowEnabled
GetMessagePos
ShowWindow
ClientToScreen
DrawFrameControl
CreateIcon
DefMDIChildProcA
EnumThreadWindows
GetForegroundWindow
GetDCEx
GetDC
DispatchMessageA
DrawMenuBar
FrameRect
IsMenu
GetMenuItemCount
CharNextA
DispatchMessageW
EnableWindow
GetParent
GetMenuStringA
RegisterClassA
IsDialogMessageA
GetCapture
HideCaret
GetMenuItemInfoA
GetLastActivePopup
GetClientRect
EnableMenuItem
FindWindowA
DeferWindowPos
CheckMenuItem
SetWindowTextA
GetDlgItem
GetScrollPos
GetMenuItemID

shell32

SHGetSpecialFolderLocation
SHGetFileInfoA
SHFileOperationA
SHGetFolderPathA

comctl32

ImageList_Draw
ImageList_GetBkColor
ImageList_Read
ImageList_DrawEx
ImageList_Add
ImageList_DragShowNolock
ImageList_Write
ImageList_Destroy
ImageList_Remove
ImageList_Create

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.init
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 85B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9bbbc5849281f34b5b0c34add0a07f78

Headers

File Characteristics

Imports

advapi32

comdlg32

ole32

kernel32

shlwapi

gdi32

oleaut32

msvcrt

version

user32

shell32

comctl32

Sections

.text Size: 45KB - Virtual size: 45KB

.init Size: 42KB - Virtual size: 42KB

.edata Size: 512B - Virtual size: 85B

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 1KB

.text
Size: 45KB - Virtual size: 45KB

.init
Size: 42KB - Virtual size: 42KB

.edata
Size: 512B - Virtual size: 85B

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 1KB