2cf9704b9ad48c05501f372a26d14636_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2cf9704b9ad48c05501f372a26d14636_JaffaCakes118
Size

490KB
MD5

2cf9704b9ad48c05501f372a26d14636
SHA1

1e3900f7603a549d034923290af27e63e8e26f2a
SHA256

3fbdede25a0eb245357501033b64adcd9380e592f386ef05748ca3d9b42910af
SHA512

3f19b14bde5f231e40b920f27bc3ae9ff14e71192fb3602b9864652f780a6deebfa3b3e3d49064b472425a58f6e06efe43a1f7f2f749325f3ec70d5665a212a9
SSDEEP

12288:0dMUnJ5CSMFUB9OvWVLn+majhquqCkVY63Vd5z3K4RqZuRhzM:7UnvnL+malqseYYVDFAuR6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/sample.exe

Files

2cf9704b9ad48c05501f372a26d14636_JaffaCakes118
.zip

Password: infected
sample.exe
.exe windows:5 windows x86 arch:x86

3146614d7f0e63bb03fa4283c5ec4b08

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetDeviceCaps
SetTextAlign
GetStretchBltMode
GetFontLanguageInfo
SetTextJustification
GetRandomRgn
GetPixelFormat
GetCurrentObject
UpdateColors
GetTextAlign
GetTextCharset
GetTextCharsetInfo
GetFontUnicodeRanges
SetSystemPaletteUse
SetTextColor
GetBkColor
GetNearestColor
GetDCBrushColor
GetTextColor
GetSystemPaletteUse
SetPixel
GetPolyFillMode
GetDCPenColor
GetMapMode
GetClipRgn
GetNearestPaletteIndex
GetMetaRgn
SetTextCharacterExtra
GetTextCharacterExtra
GetGraphicsMode

kernel32

GetModuleHandleA
GetProcAddress
LoadResource
FindResourceA
GetDriveTypeA
WriteFile
LocalFlags
IsProcessorFeaturePresent
GetFileTime
LockResource
DeleteFileA
GlobalSize
SizeofResource
MoveFileA
GetProcessId
GlobalFlags
FindClose
GetProcessHeap
SetFilePointer
GetFileType
GetVersion
GlobalHandle
GetCurrentThreadId
GetTickCount
GetCurrentProcessId
IsDebuggerPresent
GetCurrentProcess
GetLastError
QueryPerformanceCounter
LocalAlloc
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
CreateFileA
FlushFileBuffers
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
GetFileAttributesA
GetTimeZoneInformation
SetHandleCount
ReadFile
CloseHandle
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
LoadLibraryA
FreeLibrary
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
Sleep
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
GetSystemTimeAsFileTime
RtlUnwind
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapFree
HeapAlloc
GetModuleHandleW
ExitProcess
HeapReAlloc
RaiseException
GetCommandLineA
GetStartupInfoA
LCMapStringA
LCMapStringW
GetCPInfo
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetFullPathNameA
GetCurrentDirectoryA
HeapCreate
VirtualFree
VirtualAlloc
GetStdHandle
GetModuleFileNameA
GetACP
GetOEMCP
IsValidCodePage

user32

CheckDlgButton
GetWindowContextHelpId
IsWindowEnabled
ShowWindow
GetPropA
GetDialogBaseUnits
GetDlgItemInt
WindowFromDC
GetDlgItem
EndPaint
PostMessageA
GetMenuContextHelpId
GetDC
GetMenuState
IsWindowUnicode
GetWindowDC
EnableWindow
GetForegroundWindow
GetCursor
BeginPaint
EndDialog
GetScrollPos
GetKeyboardType
GetWindowLongA
GetMenuItemCount
GetMenuCheckMarkDimensions
GetMenuItemID
RemovePropA
GetMenu
SetFocus
DrawTextA
LoadIconA
GetQueueStatus
CallWindowProcA
GetInputState
SendMessageA
MoveWindow
SetWindowTextA
SetDlgItemTextA

Sections

.text
Size: 716KB - Virtual size: 716KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Password: infected

3146614d7f0e63bb03fa4283c5ec4b08

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

user32

Sections

.text Size: 716KB - Virtual size: 716KB

.rdata Size: 33KB - Virtual size: 33KB

.data Size: 120KB - Virtual size: 152KB

.text
Size: 716KB - Virtual size: 716KB

.rdata
Size: 33KB - Virtual size: 33KB

.data
Size: 120KB - Virtual size: 152KB