2e4c0a86032b7f59f349fb41d3ab5336_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e4c0a86032b7f59f349fb41d3ab5336_JaffaCakes118
Size

442KB
MD5

2e4c0a86032b7f59f349fb41d3ab5336
SHA1

2e29970251240f83a423c34b4da68f70c15ebec7
SHA256

c92d35c5fe173653bd1e7b8a32c963cdaf5474dd945740c171bc4554bff3bea2
SHA512

e18306e5d4c7eadb044b592a37ce452c15c3bf06bc104daae6d105ab481b7aff15472bb339516520ae844b89e828bdc19199d690c6c1a472b0f3a70a1199991b
SSDEEP

12288:sP+/hhxYjfh7snDU3LjyjYeaHYVr3TmVW:sG5nYjZ7snDU3Li9r3TMW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e4c0a86032b7f59f349fb41d3ab5336_JaffaCakes118

Files

2e4c0a86032b7f59f349fb41d3ab5336_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e9b72128b365d5fd690158dddfdaaab9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

_except_handler3
_controlfp
wcscpy
__set_app_type
_initterm
realloc
_vsnwprintf
__RTDynamicCast
_adjust_fdiv

shlwapi

StrToIntExW
ord186
PathRemoveFileSpecW

shell32

ShellExecuteExW
SHGetDesktopFolder
ord18
SHBrowseForFolderW
SHChangeNotify

user32

GetMessageW
PostMessageW
SetWindowTextW
ReleaseDC
SendNotifyMessageW
LoadStringW
BeginPaint
PtInRect
GetForegroundWindow
MonitorFromRect
GetWindowLongW
RegisterClassW
SetDlgItemTextW
CopyIcon
GetWindowThreadProcessId
DialogBoxParamW
PostThreadMessageW
GetWindowTextLengthW
CharUpperBuffW
LoadCursorW
DrawIconEx
GetSysColorBrush
GetLastActivePopup
KillTimer
MessageBoxIndirectW
FindWindowExW
GetIconInfo

gdiplus

GdipGetPropertyItemSize
GdipCreateBitmapFromScan0
GdipDeleteGraphics
GdipDisposeImage
GdipDrawImageI
GdipLoadImageFromFile
GdipSaveAddImage

gdi32

Arc
SelectObject
SetBkMode
BitBlt
SetBrushOrgEx
CreateCompatibleDC
RealizePalette
Ellipse
CreateCompatibleBitmap
CreateHalftonePalette
CreateFontIndirectW
GetTextExtentPoint32W
CreateSolidBrush
GetTextMetricsW
SetStretchBltMode
CreatePenIndirect

advapi32

OpenSCManagerW
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW

ole32

CoTaskMemAlloc
PropVariantClear
CoAllowSetForegroundWindow
CLSIDFromString
StringFromCLSID
CoRevokeClassObject
CoTaskMemFree
FreePropVariantArray

kernel32

GetHandleInformation
WaitForSingleObject
CopyFileW
SetUnhandledExceptionFilter
SetCurrentDirectoryW
ExitThread
GetTempFileNameW
lstrcatW
GlobalAlloc
SizeofResource
InitializeCriticalSection
SetFileTime
GetSystemDirectoryW
GetLastError
GlobalUnlock
TerminateProcess
CompareStringW
CreateThread
OpenFileMappingW
HeapDestroy
CreateEventA
GetTickCount
FindFirstFileW
UnhandledExceptionFilter
InterlockedIncrement
WaitForSingleObject
SystemTimeToFileTime
lstrcpyW
VirtualAllocEx
GetCurrentThreadId
MulDiv
GetTickCount
FreeLibraryAndExitThread
FindResourceW

Sections

.text
Size: 399KB - Virtual size: 399KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e9b72128b365d5fd690158dddfdaaab9

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

shlwapi

shell32

user32

gdiplus

gdi32

advapi32

ole32

kernel32

Sections

.text Size: 399KB - Virtual size: 399KB

.data Size: 35KB - Virtual size: 35KB

.rsrc Size: 6KB - Virtual size: 296KB

.text
Size: 399KB - Virtual size: 399KB

.data
Size: 35KB - Virtual size: 35KB

.rsrc
Size: 6KB - Virtual size: 296KB