2e41a173cba6ef4d9fe96fee89eb6843_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e41a173cba6ef4d9fe96fee89eb6843_JaffaCakes118
Size

1.0MB
MD5

2e41a173cba6ef4d9fe96fee89eb6843
SHA1

541c9ddd2f268f67df887e4507198292b4d96857
SHA256

dbed6fa79853c243befe4916da00e72da75b18ea12f190454df58fd44963ca38
SHA512

7f5614a7fc7e9462ca6a39e7e795043b81f4f37c958c02dbb90b3d2e1830257b1eecf9520c3ffe10fdb6cc26932247701d6f737bac7e5bb0e0108da1b9ca5f1d
SSDEEP

24576:7bxDwKR75I59PZ1WHD9GnS5m4eQsojSjPShnPVK8X7Ptfnn:7iK9yrPZU1c5bL7SzK8XJnn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e41a173cba6ef4d9fe96fee89eb6843_JaffaCakes118

Files

2e41a173cba6ef4d9fe96fee89eb6843_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9001df12c5f4e51e701ebed03c737f33

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrToIntA
StrChrA
PathFileExistsA
StrNCatA
StrStrA
StrStrIA
wnsprintfA

rpcrt4

UuidToStringA
UuidCreate

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

kernel32

GetPrivateProfileStringA
WritePrivateProfileStringA
Sleep
CreateThread
GetLocalTime
GetVersionExA
lstrcpyA
GetTickCount
GetCurrentProcessId
GlobalMemoryStatusEx
GetDiskFreeSpaceExA
MoveFileExA
GetExitCodeProcess
lstrcatA
lstrcmpiA
GetModuleFileNameA
WinExec
GetTempPathA
GetFileAttributesA
FindFirstFileA
FindClose
FindNextFileA
GetModuleHandleA
CreateDirectoryA
ExitProcess
CreateMutexA
MultiByteToWideChar
LocalAlloc
LocalFree
OpenProcess
TerminateProcess
GetFullPathNameA
DosDateTimeToFileTime
SetFileTime
GetFileTime
LocalFileTimeToFileTime
QueryPerformanceCounter
GetFileType
InterlockedDecrement
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
lstrlenA
VirtualAlloc
DeleteCriticalSection
VirtualFree
HeapCreate
LeaveCriticalSection
EnterCriticalSection
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
RtlUnwind
RaiseException
GetStartupInfoA
GetCommandLineA
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
lstrcpynA
MapViewOfFile
DeleteFileA
LoadLibraryA
ReadFile
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
SetEndOfFile
GetProcAddress
GetCurrentProcess
FreeLibrary
WriteFile
CreateFileA
GetProcessHeap
HeapFree
HeapAlloc
OpenFileMappingA
CloseHandle
CreateToolhelp32Snapshot
CreateFileMappingA
Process32Next
GetLastError
WideCharToMultiByte
HeapReAlloc
Process32First
SetFilePointer
HeapSize
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetHandleCount

user32

RedrawWindow
IsDlgButtonChecked
CheckRadioButton
EnableWindow
FillRect
GetDlgItem
SetWindowTextA
GetWindowDC
DrawFocusRect
GetDlgCtrlID
SetCursor
SetFocus
EndPaint
GetKeyState
GetFocus
LoadBitmapA
GetParent
IsWindowEnabled
BeginPaint
GetDC
GetWindowTextA
DrawTextA
InvalidateRect
ReleaseDC
PostMessageA
UpdateWindow
DestroyWindow
keybd_event
GetMessageA
GetWindowRect
RegisterClassExA
PostQuitMessage
LoadIconA
GetClientRect
SendMessageA
IsDialogMessageA
TranslateMessage
MapVirtualKeyA
MessageBoxA
GetWindowLongA
CreateWindowExA
DefWindowProcA
SetWindowPos
ShowWindow
DispatchMessageA
SystemParametersInfoA
LoadCursorA
PeekMessageA
MoveWindow
ExitWindowsEx
GetWindowThreadProcessId
EnumWindows
GetClassNameA
SetWindowLongA
GetWindowTextLengthA

gdi32

CreateSolidBrush
BitBlt
SetTextColor
DeleteDC
CreateFontA
SetBkMode
DeleteObject
SetBkColor
CreateCompatibleDC
GetTextExtentPointA
GetObjectA
GetStockObject
TextOutA
SelectObject
CreateDIBitmap

advapi32

AdjustTokenPrivileges
RegOpenKeyA
RegCloseKey
RegCreateKeyA
RegQueryValueExA
OpenProcessToken
OpenSCManagerA
QueryServiceStatus
CloseServiceHandle
OpenServiceA
AllocateAndInitializeSid
FreeSid
CheckTokenMembership
RegEnumKeyA
RegSetValueExA
SetFileSecurityA
LookupPrivilegeValueA
RegDeleteKeyA
SetEntriesInAclA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExA

shell32

ShellExecuteExA
ShellExecuteA
SHGetFolderPathA

ole32

CoTaskMemAlloc

oleaut32

VariantClear

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 872KB - Virtual size: 871KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9001df12c5f4e51e701ebed03c737f33

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

rpcrt4

version

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 139KB - Virtual size: 139KB

.rdata Size: 23KB - Virtual size: 22KB

.data Size: 14KB - Virtual size: 23KB

.cdata Size: 6KB - Virtual size: 5KB

.rsrc Size: 872KB - Virtual size: 871KB

.reloc Size: 15KB - Virtual size: 14KB

.text
Size: 139KB - Virtual size: 139KB

.rdata
Size: 23KB - Virtual size: 22KB

.data
Size: 14KB - Virtual size: 23KB

.cdata
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 872KB - Virtual size: 871KB

.reloc
Size: 15KB - Virtual size: 14KB