f2a2f093e5c02570da85f3569edf2467_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f2a2f093e5c02570da85f3569edf2467_JaffaCakes118
Size

542KB
MD5

f2a2f093e5c02570da85f3569edf2467
SHA1

6dbdcb9f0fc815e18ff99064bc42ac8ddc76d5aa
SHA256

73898e3fe705d16bd43fe3920cbd23f7464bfe6532c5b1533f7ab466321f95ef
SHA512

df76fb25547197d9a57383c1ec560e6e7833c297df7941c29de10c19ddb26be2c95804afdc05515307e5ff95e8b8e634920a8c78ca7177f25b1a85033bd98880
SSDEEP

12288:rea2hZ0GmgzYdAEHnqHgP3+GbgyTiEAU1TAU8QrgQxwF87Vw:eZ0Gmufi+GbgQiEAU9YQVQ0V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f2a2f093e5c02570da85f3569edf2467_JaffaCakes118

Files

f2a2f093e5c02570da85f3569edf2467_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bfad8d472e9b9aa41005e591832ff165

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDebuggerPresent
VirtualFree
GetCPInfo
FindFirstFileExA
GetStringTypeA
SetConsoleCtrlHandler
GetModuleHandleA
WriteFile
DeleteCriticalSection
GlobalUnfix
EnterCriticalSection
InitializeCriticalSection
QueryPerformanceCounter
SetEnvironmentVariableA
OpenProcess
OpenMutexA
InterlockedIncrement
FlushFileBuffers
WriteConsoleA
SetStdHandle
GetTimeFormatA
TerminateProcess
TlsAlloc
GetStartupInfoA
UnhandledExceptionFilter
WriteConsoleInputA
GetDateFormatA
LeaveCriticalSection
VirtualAlloc
WriteConsoleW
GetACP
GetCurrentProcess
HeapAlloc
GetConsoleCP
InterlockedExchange
GetEnvironmentStringsW
ReadFile
GetVersionExA
GetSystemTimeAsFileTime
GetCommandLineA
FreeLibrary
GetStdHandle
EnumSystemLocalesA
LCMapStringA
GetOEMCP
TlsGetValue
GetModuleFileNameW
VirtualAllocEx
SetFileAttributesA
FreeEnvironmentStringsA
GetProcessHeap
GetConsoleMode
GetFileType
HeapFree
SetLastError
WideCharToMultiByte
GetStartupInfoW
LCMapStringW
CompareStringA
GetTickCount
GetCommandLineW
SetHandleCount
GetStringTypeW
TlsSetValue
Sleep
ExitProcess
HeapSize
HeapReAlloc
InterlockedDecrement
GetCurrentThread
GetProcAddress
FreeEnvironmentStringsW
GetConsoleOutputCP
CreateSemaphoreA
GetLocaleInfoA
GetTimeZoneInformation
IsValidCodePage
LoadLibraryA
CreateMutexA
CreateFileA
GetCurrentProcessId
HeapCreate
GetModuleFileNameA
SetFilePointer
CompareStringW
GetLocaleInfoW
GetLastError
IsValidLocale
MultiByteToWideChar
GetCurrentThreadId
TlsFree
SetUnhandledExceptionFilter
VirtualQuery
RtlUnwind
HeapDestroy
CloseHandle
GetUserDefaultLCID
GetEnvironmentStrings

comctl32

InitCommonControlsEx

gdi32

GdiSetBatchLimit
FloodFill
ColorCorrectPalette
PlayMetaFile
DeleteMetaFile
EnumFontsA
CreateDIBSection
CreateDCA
PatBlt
EndPage
CreateHatchBrush
PolyBezierTo
GetDCOrgEx
PtVisible
CombineTransform
CreateEllipticRgnIndirect
GetBkMode
GetObjectA
CloseEnhMetaFile
GetCharWidth32W
EnumObjects

user32

RegisterClassA
GetKeyboardType
GetWindowTextA
GetMenu
LoadStringW
EnumDisplaySettingsA
SetClassWord
DrawFrameControl
DestroyCursor
MonitorFromRect
ShowWindow
UnregisterHotKey
GetMonitorInfoA
DdeUnaccessData
ChangeMenuW
GetMenuInfo
GetShellWindow
RegisterClassExA
TabbedTextOutA
SetActiveWindow

Sections

.text
Size: 206KB - Virtual size: 206KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 317KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bfad8d472e9b9aa41005e591832ff165

Headers

File Characteristics

Imports

kernel32

comctl32

gdi32

user32

Sections

.text Size: 206KB - Virtual size: 206KB

.rdata Size: 10KB - Virtual size: 38KB

.data Size: 317KB - Virtual size: 316KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 206KB - Virtual size: 206KB

.rdata
Size: 10KB - Virtual size: 38KB

.data
Size: 317KB - Virtual size: 316KB

.rsrc
Size: 7KB - Virtual size: 7KB