2da3dcea4e5e586d010c02e922ce290c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2da3dcea4e5e586d010c02e922ce290c_JaffaCakes118
Size

2.8MB
MD5

2da3dcea4e5e586d010c02e922ce290c
SHA1

291270065fb04b963bbb1674547148a63f289487
SHA256

d6b6f9acbae33c638230351c47f686a11a249951e0b056385aab72e889aea664
SHA512

0bb47c6fb1b5e9dc8ef4755e30ba905b212b945f1b23e49ed33654223eccffc822d057a9033f00c3036981f2a1d1a106290ecd5e9e2972a09ba0ec3a9a034918
SSDEEP

49152:1AGCplAJ8CCItRQt6B1te9z0BiYPF3tx71P:1YplERe9/uRf71

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2da3dcea4e5e586d010c02e922ce290c_JaffaCakes118

Files

2da3dcea4e5e586d010c02e922ce290c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9f1a436338a9c3aba528f8ffc2967f76

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Projects\FlashAidEx\V4.7\!Output\Release\FlashAid.pdb

Imports

comctl32

ord17
PropertySheetA

shlwapi

StrToIntExA

kernel32

SetLastError
GetProcAddress
LoadLibraryA
CloseHandle
GetFileSize
lstrcmpA
SetFilePointer
GetUserDefaultLCID
GetTimeFormatA
GetDateFormatA
WriteFile
ReadFile
CreateDirectoryA
FindFirstFileA
RemoveDirectoryA
SetFileAttributesA
FindClose
FindNextFileA
DeleteFileA
GetPrivateProfileIntA
Sleep
lstrcmpiA
GetPrivateProfileStringA
GetModuleFileNameA
DeviceIoControl
GetCurrentProcess
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalFree
GetModuleHandleA
GetVersionExA
GetSystemPowerStatus
GetLocaleInfoA
WaitForSingleObject
CreateProcessA
CreateMutexA
GetTempPathA
GetCommandLineA
GetConsoleOutputCP
GetLastError
GetConsoleCP
InitializeCriticalSectionAndSpinCount
HeapSize
RtlUnwind
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
ExitProcess
HeapReAlloc
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
VirtualFree
HeapCreate
RaiseException
GetCurrentThreadId
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
IsValidCodePage
FreeLibrary
lstrcpynA
CreateFileA
lstrcpyA
lstrcatA
GetFileAttributesA
SetStdHandle
lstrlenA
GetConsoleMode
WriteConsoleA
WriteConsoleW
FlushFileBuffers
HeapFree
HeapAlloc
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP

user32

SetWindowPos
ExitWindowsEx
RegisterClassExA
PostQuitMessage
GetLastActivePopup
IsWindow
FindWindowA
LoadCursorA
DestroyIcon
RegisterClassA
SetTimer
KillTimer
GetParent
CreateWindowExA
GetSysColor
IsDlgButtonChecked
PostMessageA
GetWindowRect
CallWindowProcA
SetDlgItemTextA
MessageBoxA
InvalidateRect
UpdateWindow
CharNextA
DestroyWindow
GetSystemMenu
CreateDialogParamA
LoadStringA
DeleteMenu
SendMessageA
SetWindowLongA
GetWindowLongA
GetDlgItem
GetDesktopWindow
ShowWindow
SetWindowTextA
wsprintfA
SystemParametersInfoA
GetWindowThreadProcessId
GetForegroundWindow
AttachThreadInput
SetForegroundWindow
LoadImageA
DefWindowProcA

gdi32

SetTextColor
SetBkColor
CreateSolidBrush
CreateFontIndirectA
DeleteObject
GetObjectA
GetStockObject

advapi32

OpenProcessToken
LookupPrivilegeValueA
InitiateSystemShutdownA
AdjustTokenPrivileges

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f1a436338a9c3aba528f8ffc2967f76

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

shlwapi

kernel32

user32

gdi32

advapi32

Sections

.text Size: 74KB - Virtual size: 74KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 74KB - Virtual size: 74KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 7KB - Virtual size: 7KB