2fca17b7a40e7113f8a9d5915664c4e3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2fca17b7a40e7113f8a9d5915664c4e3_JaffaCakes118
Size

395KB
MD5

2fca17b7a40e7113f8a9d5915664c4e3
SHA1

4f3ec76480cc24cdc3b5e50f586b71c7ed161c60
SHA256

6366a11ca11b96f63ee7dfb310e6fa0adb72a0a9eb7d2b33d040b27c3dc06d23
SHA512

cfcb70b0b0b9ec1dd66a8683ab0ac2439d49552779c96e6f78f695eb8f3b67745775c95185747f61464b645ba00154f195aa2adbbd5fc250a0e6071b4858401e
SSDEEP

12288:l4GI2/WByW3EyMhmrz2W473BOT/+3ge6:PIUWByWUyM4rz2t3BhQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fca17b7a40e7113f8a9d5915664c4e3_JaffaCakes118

Files

2fca17b7a40e7113f8a9d5915664c4e3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

32f045b233a11fdcfb107c514b59d8bd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

gdi32

Arc
SetLayout
GetObjectW
SetBrushOrgEx
SetROP2
CreatePenIndirect
CreateCompatibleDC
CreateSolidBrush
SetBkColor
RealizePalette
LineTo
SelectPalette
Ellipse
CreatePen
CreateFontIndirectW

user32

InflateRect
GetCursorPos
DrawIconEx
wsprintfW
PostQuitMessage
GetWindowThreadProcessId
PostMessageW
MessageBoxIndirectW
RegisterWindowMessageW
SetDlgItemTextW
RegisterClassW
IsWindow
GetMonitorInfoW
CopyRect
DestroyWindow
TranslateAcceleratorW
GetPropW
GetDlgItem
GetWindowTextW
RegisterClassExW
SetCursor
EndPaint
MonitorFromWindow
OffsetRect
LoadStringW
MonitorFromRect
LoadIconW
SetFocus
SetWindowTextW
MsgWaitForMultipleObjects
IsDlgButtonChecked
DestroyIcon
SetWindowLongW
MessageBoxW
SetWindowPos
GetClassInfoW
DispatchMessageW
FillRect
DrawFocusRect
MapDialogRect
EndDeferWindowPos
ReleaseCapture
DestroyAcceleratorTable

gdiplus

GdipGetPropertyItemSize
GdipGetImageGraphicsContext
GdipFree
GdipGetImageEncodersSize
GdipGetImageWidth
GdipGetImageHeight
GdipCreateHBITMAPFromBitmap

advapi32

RegCloseKey
RegOpenKeyExW
CloseServiceHandle
RegQueryInfoKeyW

ole32

CoTaskMemFree
CoInitialize
CoTaskMemRealloc
CoTaskMemAlloc
CoUninitialize
PropVariantClear

kernel32

MulDiv
GetTickCount
WaitForSingleObject
GetStartupInfoW
GetSystemDirectoryW
lstrcatW
CreateEventA
GetFullPathNameW
GetWindowsDirectoryW
QueryPerformanceCounter
GetLastError
GetLocalTime
CopyFileW
SetEvent
InitializeCriticalSection
OpenFileMappingW
MapViewOfFile
lstrcpynW
ReleaseMutex
LoadLibraryW
CompareStringW
WriteFile
lstrcmpiW
GetModuleHandleW
DeleteFileW
InterlockedDecrement
UnhandledExceptionFilter
CreateFileW
EnterCriticalSection
FindNextFileW
LocalAlloc
GetShortPathNameW
MoveFileW
SetFileTime
FindClose
GetProcAddress
SetEvent
lstrlenA
FindFirstFileW
VirtualAllocEx

msvcrt

_XcptFilter
?terminate@@YAXXZ
free
wcscpy
exit
wcsncpy
_initterm
_exit
__set_app_type

shell32

ord748
ord155
ExtractIconExW
SHGetFileInfoW

shlwapi

PathFindFileNameW
PathRemoveExtensionW
ord186
wnsprintfW

Sections

.text
Size: 240KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

32f045b233a11fdcfb107c514b59d8bd

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

user32

gdiplus

advapi32

ole32

kernel32

msvcrt

shell32

shlwapi

Sections

.text Size: 240KB - Virtual size: 240KB

.data Size: 144KB - Virtual size: 144KB

.rsrc Size: 9KB - Virtual size: 344KB

.text
Size: 240KB - Virtual size: 240KB

.data
Size: 144KB - Virtual size: 144KB

.rsrc
Size: 9KB - Virtual size: 344KB