2ce68a9bff38f4817f4dffede7d4231f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ce68a9bff38f4817f4dffede7d4231f_JaffaCakes118
Size

672KB
MD5

2ce68a9bff38f4817f4dffede7d4231f
SHA1

b799c8becc28a7dac2d9c81e44c18517af05cf95
SHA256

aec61a28bba54ecbaa9f207a6788938cac7caf62993beb181ea65f785306fa52
SHA512

fa025e6f72fea62a4c61fc4c0d8ec8d03806fdef26b6c752437e02aa7f6ca60dea9518eb5310e06fdc349beabb15a0e541c90b69e2b5e4f36246070622c7328e
SSDEEP

12288:cEWeWgfowcbcnkitsMjaGocEHh+MFaWivkOhdYJXL+FCu9uQRCr:XWSofrwsgavscRkk+dYXkRC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ce68a9bff38f4817f4dffede7d4231f_JaffaCakes118

Files

2ce68a9bff38f4817f4dffede7d4231f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

36c83c23bc96c8bbc62702d703c95343

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleAliasesLengthW
GetDefaultCommConfigW
GetProcessIoCounters
BuildCommDCBAndTimeoutsA
HeapAlloc
ClearCommError
FlushConsoleInputBuffer
GetTickCount
GetCommConfig
EscapeCommFunction
GetVolumePathNameW
GetProcessHandleCount
EnumSystemCodePagesA
GetModuleFileNameW
CompareStringW
MultiByteToWideChar
lstrlenW
DisconnectNamedPipe
FindFirstFileExA
GetLastError
GetLongPathNameA
EnumDateFormatsExA
SetVolumeLabelW
SetFileApisToOEM
GetAtomNameA
LocalAlloc
SetConsoleCtrlHandler
SetProcessWorkingSetSize
WTSGetActiveConsoleSessionId
GetModuleHandleA
VirtualProtect
SetCalendarInfoA
GetWindowsDirectoryW
GetVolumeNameForVolumeMountPointW
lstrcpyA
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
IsProcessorFeaturePresent
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
RaiseException
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapFree
Sleep
RtlUnwind
HeapSize
LCMapStringW
GetStringTypeW
HeapReAlloc

user32

GetCursorInfo

Exports

Exports

@calcPrecision@4

Sections

.text
Size: 621KB - Virtual size: 621KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 694KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

36c83c23bc96c8bbc62702d703c95343

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 621KB - Virtual size: 621KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 5KB - Virtual size: 694KB

.rsrc Size: 29KB - Virtual size: 28KB

.text
Size: 621KB - Virtual size: 621KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 5KB - Virtual size: 694KB

.rsrc
Size: 29KB - Virtual size: 28KB