2cb8b5266a9174ae66121d80c886821a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2cb8b5266a9174ae66121d80c886821a_JaffaCakes118
Size

2.9MB
MD5

2cb8b5266a9174ae66121d80c886821a
SHA1

a428cae9a80846239e8313ef8105da312c2f6c40
SHA256

361cbf0a7c49c5c163b1476b97f48f0003db780288a143aa33c56e1e567279ca
SHA512

93e9209bcab9d3491bf1f9851abd4819e802c0beab853b60007b913ee397254dd37bb6bb2b3721b4b119bc29cbaffa1fef0037a160b2fe7c63340c21a98c4fbe
SSDEEP

24576:B0V91EYghWQEjgVB2NfOsVfXdG0sVZ3jumJtERB2+:B0nYWQegKNVWzdAB2+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cb8b5266a9174ae66121d80c886821a_JaffaCakes118

Files

2cb8b5266a9174ae66121d80c886821a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d8195336af1383a48df870c1ca0f2b73

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowRect
ExitWindowsEx
RegisterClassW
FlashWindow
GetClassNameW
CopyRect
GetProcessWindowStation
ShowScrollBar
LockWindowUpdate
GetWindowRgnBox
DestroyMenu
SetMenu
LoadMenuW
MapVirtualKeyW
CharUpperW
GetPriorityClipboardFormat
GetDlgItemTextW
GetDlgItemInt
MoveWindow

kernel32

LCMapStringW
HeapSize
HeapReAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
GlobalFree
VirtualAlloc
HeapAlloc
FreeEnvironmentStringsW
DeleteCriticalSection
PulseEvent
CloseHandle
lstrcmpiW
FlushFileBuffers
TlsAlloc
GetModuleHandleW
GetDiskFreeSpaceW
FindFirstFileExW
FindCloseChangeNotification
GetThreadLocale
GetConsoleWindow
LoadLibraryExW
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
IsDebuggerPresent
IsProcessorFeaturePresent
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
lstrlenW
GetCurrentThreadId
GetCommandLineW
RaiseException
EncodePointer
GetLastError
SetLastError
CreateFileW
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsGetValue
TlsSetValue
TlsFree

wtsapi32

WTSEnumerateSessionsW

mprapi

MprConfigInterfaceEnum
MprConfigTransportGetInfo
MprConfigGetFriendlyName
MprConfigInterfaceTransportEnum
MprConfigTransportCreate
MprConfigInterfaceGetInfo
MprConfigInterfaceDelete
MprConfigInterfaceCreate

winspool.drv

SetPortW

advapi32

RegOpenKeyExW
RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryInfoKeyW

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 800KB - Virtual size: 7.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0da7e
Size: 478KB - Virtual size: 477KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.61oa
Size: 513KB - Virtual size: 513KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.i9oi3
Size: 610KB - Virtual size: 610KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.i7n834
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 362KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8195336af1383a48df870c1ca0f2b73

Headers

File Characteristics

Imports

user32

kernel32

wtsapi32

mprapi

winspool.drv

advapi32

Sections

.text Size: 94KB - Virtual size: 94KB

.data Size: 800KB - Virtual size: 7.7MB

.idata Size: 3KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.0da7e Size: 478KB - Virtual size: 477KB

.61oa Size: 513KB - Virtual size: 513KB

.i9oi3 Size: 610KB - Virtual size: 610KB

.i7n834 Size: 77KB - Virtual size: 77KB

.rsrc Size: 362KB - Virtual size: 362KB

.text
Size: 94KB - Virtual size: 94KB

.data
Size: 800KB - Virtual size: 7.7MB

.idata
Size: 3KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.0da7e
Size: 478KB - Virtual size: 477KB

.61oa
Size: 513KB - Virtual size: 513KB

.i9oi3
Size: 610KB - Virtual size: 610KB

.i7n834
Size: 77KB - Virtual size: 77KB

.rsrc
Size: 362KB - Virtual size: 362KB